Exploit for CVE-2024-25600

Bricks Builder RCE Exploit (CVE-2024-25600) This project contains a Python-based exploit script targeting the Bricks Builder WordPress plugin Remote Code Execution (RCE) vulnerability identified as CVE-2024-25600. The exploit allows unauthorized remote command execution by injecting PHP code via a vulnerable REST API endpoint. Additionally, an analysis script is provided to parse and summarize the exploit results, including extracting user info and performing IP geolocation lookups. Features Automated nonce extraction from target URL. Test payload to verify vulnerability. Backdoor payload injection enabling arbitrary command execution via HTTP GET. Optional command execution immediately after backdoor injection. Supports single targets or multiple targets from a file. Proxy support for traffic routing (e.g., through Burp Suite). Output logging to file for audit and review. Analysis tool to parse result logs and provide detailed summaries with IP geolocation. Requirements Python 3.x curl command-line tool installed and accessible in PATH. Internet access for IP geolocation queries. Optional: Proxy (e.g., Burp Suite) for intercepting requests. Usage Exploit Script bash python3 exploit.py -u <target_url> [-p <proxy_url>] [-o <output_file>] [-c <command>] Example: bash python3 cve_2024_25600_bricks_rce.py -u <TARGET> -p "https://127.0.0.1:8080" -o results.txt -c "uname -a" Analyze Results bash python3 analyze_results.py –input results.txt –output summary.txt – Parses…Read More