I can't use old exploits (example on horizontall machine)

MADUM · August 30, 2023, 7:23am

Hello,
I’m solving the Horizontall machine, this machine has a Strapi vulnerability.
I want to exploit this vulnerability.

I dowloand the Strapi CMS 3.0.0-beta.17.4 - Remote Code Execution (RCE) (Unauthenticated) - Multiple webapps Exploit code in exploit-db, but I could not run it.
The error I get appears as a syntax error.

I used 2to3 but I couldn’t run the exploit code.

Any idea how I can solve this problem?

(I looked in different github repos, I used all of them and got the same error)

I am attaching a screenshot of the error.

Thanks

HomeSen · August 31, 2023, 8:14pm

The error message Name or service not known looks more like it can’t resolve the hostname. Do you have an entry for api-prod.horizontall.htb in your system’s /etc/hosts file that points to the correct IP address?

MADUM · September 2, 2023, 8:01am

Thank you very much for your attention, I was able to solve the problem. As you said, I didn’t add the url part
Struggling with python versions, I deleted it last and just realized