POC详情: 49e5eb921f5d097efbb7be894b03a0af8ec9d453

来源
https://github.com/CerTusHack/CVE-2024-3400-PoC
关联漏洞
标题: Palo Alto Networks PAN-OS 命令注入漏洞 (CVE-2024-3400)
描述:Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一款下一代防火墙软件。 Palo Alto Networks PAN-OS 10.2、11.0、11.1存在命令注入漏洞,该漏洞源于GlobalProtect 功能中存在命令注入漏洞,可能使未经身份验证的攻击者在防火墙上以 root权限执行任意代码。
介绍
This repo contains a script to set up the safe environment for exploitation and a script that is responsible for carrying out the exploitation stages of:
# CVE-2024-3400

# Palo Alto Firewall Test Environment

This repository provides a shell script that allows you to quickly set up a test environment for the Palo Alto firewall with the necessary configuration to test an exploit.

## Requirements

- Docker installed on your system.
- Internet connection to download the Palo Alto firewall container image.

## Usage Instructions

1. Clone this repository to your local machine:

```bash
git clone https://github.com/your-user/paloalto-test-environment.git
```

2. Navigate to the repository directory:

```bash
cd paloalto-test-environment
```

3. Run the shell script to configure the environment:

```bash
./configure_environment.sh
```

This script will perform the following actions:

- Create a Docker network for the environment.
- Run a container for the Palo Alto firewall.
- Configure firewall rules.
- Set up network segmentation.
- Implement authentication and authorization.
- Configure the intrusion detection system.
- Monitor and audit network traffic.
- Display information about the firewall version and status.

Note: Make sure to run the script with superuser privileges or execute permission.

## Additional Notes

- The script may take a few minutes to complete as it downloads the Palo Alto firewall container image and performs the necessary configurations.
- Once the environment is set up, you can use the `exploit.py` script to test an exploit on the Palo Alto firewall. Make sure to provide the firewall's IP address as an argument to the script.

## Contributions

Contributions are welcome. If you encounter any issues or have any suggestions for improvement, feel free to open an issue or submit a pull request.

## License

This project is licensed under the [GNU License](LICENSE).

---
文件快照

 [4.0K]  /data/pocs/49e5eb921f5d097efbb7be894b03a0af8ec9d453
├── [1.7K]  Environment.sh
├── [ 34K]  LICENSE
└── [1.9K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。