POC详情: 4309d0d431ad3b46b353bb5202237f192d549ebf

来源
https://github.com/0nin0hanz0/CVE-2024-24919-PoC
关联漏洞
标题: Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
描述:Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
介绍
# CVE-2024-24919-PoC

![Screenshot of the exploit running.](https://github.com/0nin0hanz0/CVE-2024-24919-PoC/blob/main/screenshot.png)

## Vulnerability References
* https://nvd.nist.gov/vuln/detail/CVE-2024-24919
* https://censys.com/cve-2024-24919/
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24919
* https://support.checkpoint.com/results/sk/sk182336 (Hotfix)

## About CVE-2024-24919
The vulnerability allows an unauthenticated remote attacker to read certain files on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway and, in certain scenarios, can potentially lead the attacker to move laterally and gain domain admin privileges.

## Search Dorks
* **Shodan Dork:** title:"Check Point" || "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"
* **Fofa Dork:** app="Check_Point-SSL-Network-Extender"
* **Censys:**  risks.name="Vulnerable Check Point Quantum Spark Gateway [CVE-2024-24919]"
* **Nuclei Template:** https://github.com/johnk3r/nuclei-templates/blob/c226ece895c8e4e6aec22aff66f21e5b8b70e08e/http/cves/2024/CVE-2024-24919.yaml

## Instalation

- `git clone https://github.com/0nin0hanz0/CVE-2024-24919-PoC.git && cd CVE-2024-24919-PoC`
- `pip install -r requirements.txt`

## Run the Exploit
- For a single IP target: `python exploit.py --target 192.128.0.1`
- For a list of IP targets: `python exploit.py --file ips.txt` (file ips.txt contains IPs, one at each line. Results are written to file results.txt)

## LEGAL
This Proof of Concept source code (PoC) is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. The PoC developers assume no liability and are not responsible for any misuse or damage caused by this program.

This PoC is licensed under the [GNU General Public License](https://www.gnu.org/licenses/gpl-3.0.en.html).
文件快照

 [4.0K]  /data/pocs/4309d0d431ad3b46b353bb5202237f192d549ebf
├── [5.4K]  exploit.py
├── [2.1K]  README.md
├── [  36]  requirements.txt
└── [ 46K]  screenshot.png

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。