Based on the following:
usage: BlueimpScan.py [-h] [-p PREFIX] [-u USER_AGENT] host
CVE-2018-9206 PoC, initial release by Den1al, enhanced by NopSec
positional arguments:
host the host to check, host:port, or CIDR range
optional arguments:
-h, --help show this help message and exit
-p PREFIX, --prefix PREFIX
The prefix for the path
-u USER_AGENT, --user-agent USER_AGENT
The user agent to send the requests with
pip3 install -r requirements.txt
-
The path prefix is set to "jQuery-File-Upload-9.22.0", this may not reflect the default path of the vulnerable files on your server(s). If the default setting fails I'd recommend trying "jQuery-File-Upload".
-
There is no output for hosts that are not vulnerable.