Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-24919 PoC — Check Point Security Gateways 安全漏洞

Source
https://github.com/0nin0hanz0/CVE-2024-24919-PoC
Associated Vulnerability
Title:Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
Description:Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
Readme
# CVE-2024-24919-PoC

![Screenshot of the exploit running.](https://github.com/0nin0hanz0/CVE-2024-24919-PoC/blob/main/screenshot.png)

## Vulnerability References
* https://nvd.nist.gov/vuln/detail/CVE-2024-24919
* https://censys.com/cve-2024-24919/
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24919
* https://support.checkpoint.com/results/sk/sk182336 (Hotfix)

## About CVE-2024-24919
The vulnerability allows an unauthenticated remote attacker to read certain files on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway and, in certain scenarios, can potentially lead the attacker to move laterally and gain domain admin privileges.

## Search Dorks
* **Shodan Dork:** title:"Check Point" || "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"
* **Fofa Dork:** app="Check_Point-SSL-Network-Extender"
* **Censys:**  risks.name="Vulnerable Check Point Quantum Spark Gateway [CVE-2024-24919]"
* **Nuclei Template:** https://github.com/johnk3r/nuclei-templates/blob/c226ece895c8e4e6aec22aff66f21e5b8b70e08e/http/cves/2024/CVE-2024-24919.yaml

## Instalation

- `git clone https://github.com/0nin0hanz0/CVE-2024-24919-PoC.git && cd CVE-2024-24919-PoC`
- `pip install -r requirements.txt`

## Run the Exploit
- For a single IP target: `python exploit.py --target 192.128.0.1`
- For a list of IP targets: `python exploit.py --file ips.txt` (file ips.txt contains IPs, one at each line. Results are written to file results.txt)

## LEGAL
This Proof of Concept source code (PoC) is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. The PoC developers assume no liability and are not responsible for any misuse or damage caused by this program.

This PoC is licensed under the [GNU General Public License](https://www.gnu.org/licenses/gpl-3.0.en.html).
File Snapshot

 [4.0K]  /data/pocs/4309d0d431ad3b46b353bb5202237f192d549ebf
├── [5.4K]  exploit.py
├── [2.1K]  README.md
├── [  36]  requirements.txt
└── [ 46K]  screenshot.png

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.