
My collection of scripts, developed during CTFs, for exploiting vulnerabilities, chaining exploits, or automating tasks.


byt3loss/OffensiveScripts


Offensive Scripts

A collection of scripts written by me or modified versions of others' scripts, categorized by target or attack technique.

Index

CVE Exploits

CVE-2023-45878

Chains and automates Arbitrary File Write to RCE on Gibbon LMS through CVE-2023-45878 exploitation.

The script performs the following steps:

  1. Generates an msfvenom stageless reverse shell for Windows
  2. Uploads a webshell exploiting CVE-2023-45878
  3. Downloads the reverse shell on the target
  4. Executes the reverse shell

Usage: CVE-2023-45878.sh <lhost> <lport> <rhost[:rport]>.

Exploits an XWiki RCE vulnerability and spawns a reverse shell on the target.

Python Werkzeug

Exploits an LFI endpoint to read system files and generate the Werkzeug PIN.

Exploits SQLi to read system files and generate the Werkzeug PIN (from TryHackMe Advent Of Cyber 2023 Side Quest 4).

SSRF

Tool to enumerate subdomains exposed locally through a POST parameter vulnerable to SSRF. The script uses RawHTTPy, a Python package written by me to parse raw HTTP requests.

Three Bash scripts exploiting an SSRF vulnerability in THM's RabbitStore CTF.

  • Automated exploit workflow - ssrf.sh: from account creation to SSRF payload delivery
  • Internal port scanning - port_scanner.sh: discover internal web services via SSRF
  • Directory enumeration - dir_scanner.sh: brute-force directories on an internal service through SSRF

Others

RCE exploitation automation for HackTheBox's Gavel CTF. Drops a web shell on the target for more command execution freedom, then spawns a mkfifo reverse shell through it.
