CVE-2021-3773 PoC — netfilter 信息泄露漏洞

Source

https://github.com/d0rb/CVE-2021-3773

Associated Vulnerability

Title:netfilter 信息泄露漏洞 (CVE-2021-3773)
Description:netfilter是一款使用在Linux系统中的数据包过滤框架。 netfilter 中存在信息泄露漏洞。目前尚无此漏洞的相关信息，请随时关注CNNVD或厂商公告。

Description

This script exploits the "Port Shadow" vulnerability (CVE-2021-3773) in OpenVPN servers using Netfilter for NAT.

Readme


<div align="center">

 #  🇮🇱  **#BringThemHome #NeverAgainIsNow**   🇮🇱

**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.
https://stories.bringthemhomenow.net/**

</div>

# 🚀 Port Shadow Exploit (CVE-2021-3773) 🚀

### Description
This script exploits the "Port Shadow" vulnerability (CVE-2021-3773) in OpenVPN servers using Netfilter for NAT. The attack involves creating port shadows to deanonymize victims or perform a man-in-the-middle attack.

### Features
- **🎯 Targeted Attacks**: Dynamically detects the victim’s open ports.
- **⚡ Concurrent Threads**: Utilizes threading for efficient scanning.
- **🛡️ Advanced Stealth Techniques**: Randomizes scan intervals to evade detection.
- **📜 Detailed Logging**: Maintains logs of the attack process for monitoring.

### Requirements
- Python 3.x
- Scapy library
- Root or Administrator privileges

### Installation
1. **Clone the Repository**:
    ```sh
    git clone https://github.com/d0rb/CVE-2021-3773.git
    cd port-shadow-exploit
    ```

2. **Install Dependencies**:
    ```sh
    pip install -r requirements.txt
    ```

### Usage
1. **Configuration**:
    - Edit the script to set the appropriate IP addresses and port ranges.

2. **Run the Script**:
    ```sh
    sudo python3 port_shadow_exploit.py
    ```

### Ethical Use ⚖️
This script is for **educational purposes only**. Use it only in controlled environments with explicit permission. Unauthorized use can lead to **legal consequences**.

### Disclaimer
The authors are not responsible for any misuse of this script. Always follow ethical guidelines and ensure you have the proper authorization before conducting any network testing.


### Contributing 🤝
Contributions are welcome! Please submit a pull request or open an issue to discuss your ideas.

---

**Stay ethical, stay safe!** 🚀

---

File Snapshot


 [4.0K]  /data/pocs/742e2920401ba206e0ded9e5965ffda7ef5c0889
├── [3.1K]  PoC.py
└── [2.0K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!