漏洞平台

POC详情： 2c1e7f0757c721e2ebb301f0657d8e311db9f47d

来源

https://github.com/RevoltSecurities/CVE-2023-20198

关联漏洞

标题： Cisco IOS XE Software 安全漏洞 (CVE-2023-20198)
描述：Cisco IOS XE Software是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞，该漏洞源于允许未经身份验证的远程攻击者在受影响的系统上创建具有特权的帐户。

描述

An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers

介绍

# CVE-2023-20198
An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS XE

Hackers have been widely exploiting the this vulnerability which creates a 15 level privilege user by bypassing the authentication
Which a malicous xml content make this exploitation the webui endpoint of cisco.This is not only for Exploitation also detects
vulneable implant for exploitations and The tool can also use for mass detectiona and exploitation!.

# Installation
```bash
git clone https://github.com/sanjai-AK47/CVE-2023-20198.git
cd CVE-2023-20198
pip install -r requirements.txt
```

# Usages:

## Modes:

```bash
python3 exploit.py --help                                                                                        
usage: exploit.py [-h] {Detect,Exploit} ...

[DESCTIPTION]: Exploitation and Detection tool for Cisco CVE-2023-20198

options:
  -h, --help        show this help message and exit

[MODE]: Exploitation | Detections  Modes:
  {Detect,Exploit}  [INFO]: Select either Exploit or Detect mode
    Detect          [INFO]: Detection mode detect the vulnerable implant to exploit
    Exploit         [INFO]: Exploitation mode exploit the vulnerable implant of CVE-2023-20198

```

## Detection:

```bash
python3 exploit.py Detect -h                                                                        
usage: exploit.py Detect [-h] [-d DOMAIN] [-dL DOMAINS_LIST] [-px PROXY] [-to TIME_OUT] [-o OUTPUT] [-v]

options:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        [INFO]: Target domain for exploiting without protocol eg:(www.domain.com)
  -dL DOMAINS_LIST, --domains-list DOMAINS_LIST
                        [INFO]: Targets domain for exploiting without protocol eg:(www.domain.com)
  -px PROXY, --proxy PROXY
                        [INFO]: Switiching proxy will send request to your configured proxy (eg: BURPSUITE)
  -to TIME_OUT, --time-out TIME_OUT
                        [INFO]: Switiching timeout will requests till for your timeout and also for BURPSUITE
  -o OUTPUT, --output OUTPUT
                        [INFO]: File name to save output
  -v, --verbose         [INFO]: Switching verbose will shows failed and offline targets


```
## Exploitation

```bash
python3 exploit.py Exploit -h                                                                                    
usage: exploit.py Exploit [-h] [-cfc CONFIG_CONTENT] [-d DOMAIN] [-dL DOMAINS_LIST] [-px PROXY] [-to TIME_OUT] [-o OUTPUT] [-v]

options:
  -h, --help            show this help message and exit
  -cfc CONFIG_CONTENT, --config-content CONFIG_CONTENT
                        [INFO]: Customized config contents for exploitation
  -d DOMAIN, --domain DOMAIN
                        [INFO]: Target domain for exploiting without protocol eg:(www.domain.com)
  -dL DOMAINS_LIST, --domains-list DOMAINS_LIST
                        [INFO]: Targets domain for exploiting without protocol eg:(www.domain.com)
  -px PROXY, --proxy PROXY
                        [INFO]: Switiching proxy will send request to your configured proxy (eg: BURPSUITE)
  -to TIME_OUT, --time-out TIME_OUT
                        [INFO]: Switiching timeout will requests till for your timeout and also for BURPSUITE
  -o OUTPUT, --output OUTPUT
                        [INFO]: File name to save output
  -v, --verbose         [INFO]: Switching verbose will shows failed and offline targets

```

# Information:

Since the exploitation and detection tool is developed by theoritical poc by [Horizona3](https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/)https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/Imp which is help me to develop this 
tool for this CVE and for detection it can detect the vulnerable cisco implant but for proper exploitation users needs to pass the malicous XML content that is is theoritical poc of horizona3 need
to be given by users for exploitations because of only theoritical explaination have to do this but soon after proper information and resources will upgrade this exploitation and detection Tool


# Warning:
Important thing if any unethical exploitation the I'm not responsible for any illegal actions so plese use this for ethical and legal 
purposes

Proof of conept Developed by [D.Sanjai Kumar](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/) with ♥️ for any upgrade and miscoded contact me throguh my [LinkedIn](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/).
Thank you!

文件快照


 [4.0K]  /data/pocs/2c1e7f0757c721e2ebb301f0657d8e311db9f47d
├── [ 19K]  exploit.py
├── [1.0K]  LICENSE
├── [4.4K]  README.md
└── [  50]  requirements.txt

0 directories, 4 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。