Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-39986 PoC — RaspAP 命令注入漏洞

Source
https://github.com/mind2hex/CVE-2022-39986-RaspAP-2.8.0-2.8.7-RCE
Associated Vulnerability
Title:RaspAP 命令注入漏洞 (CVE-2022-39986)
Description:RaspAP是应用软件基于 Debian 的设备的简单无线 AP 设置和管理 RaspAP 2.8.0至2.8.7版本存在安全漏洞,该漏洞源于存在命令注入漏洞。允许攻击者通过参数cfg_id执行任意命令。
Description
bash script for automated discovery and exploitation of machines with the CVE-2022-39986 vulnerability
Readme
# RaspAP Hunter

RaspAP Hunter is a Bash script designed to scan for RaspAP installations and test them for a specific vulnerability CVE-2022-39986.

```
    ____                       ___     ____ 
   / __ \ ____ _ _____ ____   /   |   / __ \
  / /_/ // __ `// ___// __ \ / /| |  / /_/ /
 / _, _// /_/ /(__  )/ /_/ // ___ | / ____/ 
/_/ |_| \__,_//____// .___//_/  |_|/_/      
    __  __         /_/   __                    author: mind2hex
   / / / /__  __ ____   / /_ ___   _____    
  / /_/ // / / // __ \ / __// _ \ / ___/    
 / __  // /_/ // / / // /_ /  __// /        
/_/ /_/ \__,_//_/ /_/ \__/ \___//_/         
                                                         c=====e
   ____________                                         _,,_H__
  (__((__((___()    CVE-2022-39986                     //|     |
 (__((__((___()()_____________________________________// |ACME |
(__((__((___()()()------------------------------------/  |_____|

```

## Features
1. **Requirements Checking**: Checks for necessary dependencies and provides instructions for installation if missing.
3. **Shodan Integration**: Downloads and parses target IP addresses with RaspAP from Shodan.
4. **Vulnerability Scanning**: Scans for the specific CVE and provides feedback on vulnerable IPs.
5. **Reverse Shell Spawning**: Allows the user to spawn a reverse shell on a vulnerable target.

## Prerequisites

- shodan
- jq
- python
- ngrok
- terminator

## Usage

1. Clone this repository or download the script `raspap_hunter.sh`.
2. Make the script executable:

    ```bash
    chmod +x raspap_hunter.sh
    ```

3. Run the script:

    ```bash
    ./raspap_hunter.sh
    ```

## Notes

- Ensure that `php-reverse-shell.php` is available in the working directory or it will be downloaded from the provided URL.
- Make sure to configure Shodan with your API key.
- Follow the instructions if missing dependencies.

## Author

mind2hex

## Disclaimer

This script is for educational and research purposes only. Do not use this against any systems without explicit permission.

## License

Please see the license file in the repository.
File Snapshot

 [4.0K]  /data/pocs/65744f17043e1432e5f70886191b25b934ebe793
├── [ 34K]  LICENSE
├── [5.4K]  php-reverse-shell.php
├── [9.0K]  raspap_hunter.sh
└── [2.1K]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.