__init__() takes from 2 to 5 positional arguments but 6 were given

[baicai888]

$ python3 exploit-rce.py http://wordpress/ id |=== Tatsudo: pre-auth RCE exploit for Tatsu wordpress plugin <= 3.3.8 |=== CVE-2021-25094 / Vincent MICHEL (@darkpills)

[+] Generating a zip with shell technique 'php' Traceback (most recent call last): File "exploit-rce.py", line 178, in main() File "exploit-rce.py", line 148, in main caller.generateZip(args.compressionLevel, args.technique, args.customShell, args.keep) File "exploit-rce.py", line 51, in generateZip with zipfile.ZipFile(buffer, "w", zipfile.ZIP_DEFLATED, False, compressionLevel) as zipFile: TypeError: init() takes from 2 to 5 positional arguments but 6 were given

[darkpills]

Python3.7+ changed ZipFile constructor. I made a fix, coud you test again?

[baicai888]

Thank you. It works now on my machine.