OpenMetadata_RCE (CVE-2024-28255) Batch scan/exploit



1.このツールはセキュリティテストのみに使用されており、違法な攻撃については責任を負いません.
2.The tool is only used for security testing, and I am not responsible for any illegal attacks.
3.工具仅用于安全测试，任何非法攻击本人概不负责.


Help

Need to modify the DNS address in line 9 of the code.

python3 CVE-2024-28255.py --help

   _______      ________    ___   ___ ___  _  _        ___   ___ ___  _____ _____
  / ____\ \    / /  ____|  |__ \ / _ \__ \| || |      |__ \ / _ \__ \| ____| ____|
 | |     \ \  / /| |__ ______ ) | | | | ) | || |_ ______ ) | (_) | ) | |__ | |__
 | |      \ \/ / |  __|______/ /| | | |/ /|__   _|______/ / > _ < / /|___ \|___ \
 | |____   \  /  | |____    / /_| |_| / /_   | |       / /_| (_) / /_ ___) |___) |
  \_____|   \/   |______|  |____|\___/____|  |_|      |____|\___/____|____/|____/


                                                        PowerBy:YongYe_Security


usage: CVE-2024-28255.py [-h] (-u TARGET | -f FILE) [-t THREADS]

Python3 CVE-2024-28255.py -f url.txt -t 50

options:
  -h, --help  show this help message and exit
  -u TARGET   target URL
  -f FILE     target File
  -t THREADS  number of threads

All scan results will be saved in result.txt.

The scanning results may not be accurate, for example: the target does not connect to the network, or the command does not exist.