This repository contains a Proof of Concept (PoC) for CVE-2024-23334, demonstrating how malicious actors can exploit vulnerabilities in aiohttp using LFI .
Caution
Disclaimer: IMPORTANT: This PoC is for educational purposes only. Unauthorized access to computer systems and networks is illegal !!!
- Clone the repository:
git clone https://github.com/jhonnybonny/CVE-2024-23334 cd CVE-2024-23334 python3 -m venv .env chmod +x ./.env/bin/activate source ./.env/bin/activate pip3 install -r requirements.txt
2.Start the server:
python3 server.py
3.Scanner:
nuclei -t aiohttp.yaml -u http://localhost:8081or
nuclei -t aiohttp.yaml -l aiohttp.csv
3.Exploit:
python3 exploit.py -s http://localhost:8081