支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: 1575887d54c4b6b1a745a172abd87d240d7a2d2c

来源
https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit
关联漏洞
标题:Progress Software Telerik Report Server 安全漏洞 (CVE-2024-4358)
Description:Progress Software Telerik Report Server是Progress Software公司的一种企业级报表管理和分发解决方案。 Progress Software Telerik Report Server 10.0.24.305及之前版本存在安全漏洞,该漏洞源于未经身份验证的攻击者可以通过身份验证绕过漏洞访问受限功能。
介绍
# CVE-2024-4358_Mass_Exploit
Modified tools from @sinsinology to do mass exploit. 

![CVE-2024-4358](https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit/blob/main/carbon.png)

# Requirements

- Python 3.x

# Installation

```
git clone https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit.git
cd CVE-2024-4358_Mass_Exploit
pip intstall -r requirements.txt
```

# How To Run

```
usage: python CVE-2024-4358.py --target-file targets.txt -c "whoami > C:\pwned.txt" --threads 10
options:
  -h, --help            show this help message and exit
  --target-file TARGET_FILE, -tf TARGET_FILE
                        File containing target IPs and ports (one per line, e.g: http://192.168.1.1:83)
  --command COMMAND, -c COMMAND
                        Command to execute
  --threads THREADS, -th THREADS
                        Number of threads to use (max: 100)
```

## Credit
* [SinSinology](https://twitter.com/SinSinology)

## Disclaimer
This software has been created purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Use responsibly.
文件快照

 [4.0K]  /data/pocs/1575887d54c4b6b1a745a172abd87d240d7a2d2c
├── [266K]  carbon.png
├── [ 11K]  exploit.py
├── [1.2K]  README.md
└── [  15]  requirements.txt

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。