Skip to content

JawadPy/WerkGhost

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
werkghost.py
werkghost.py
 
 

Repository files navigation

WerkGhost

image

Exploit for Werkzeug < 3.1.4 (CVE-2025-66221)

Disclaimer

This script is provided solely for controlled security testing and research purposes. It must only be used on systems and environments for which you have explicit, written authorization. Any use outside of legally sanctioned testing — including against third-party, public, or production systems — is strictly prohibited and may violate local and international laws. You assume full responsibility for all actions taken with this tool. The author accepts no liability for misuse, damages, service disruption, or legal consequences arising from unauthorized activity.

Requirements

You have to install requests before start using the script.

pip install requests

Usage

python werkghost.py -u <url> -p <payload> -d <Directory> --timeout <timeout :D> -t <threads>

Example

python werkghost.py -u http://127.0.0.1:8000 -p CON -d download --timeout 3 -t 100

Note:

  • The target web server must be running on Windows.
  • If the operation fails or produces inconsistent results, increase the number of worker threads and retry.

About

Exploit for Werkzeug < 3.1.4 (CVE-2023-46136)

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages