CVE-2021-41773
Quick proof of concept
The script check for LFI and RCE in Apache 2.4.49, you can test a single target or a list. Make sure you specify HTTP or HTTPS for a single target.
Test only if you're authorized, be smart.
Example usage:
python3 cve2021-41773.py -target DOMAIN/IP -protocol HTTP/HTTPS -file domain_list.txt
Using a list of targets:
python3 cve2021-41773.py -file domain_list.txt
Testing a single target:
python3 cve2021-41773.py -target example.com -protocol HTTP
Contact:
Twitter – @0xAlmighty – MHhhbG1pZ2h0eUBwcm90b25tYWlsLmNvbQ==