关联漏洞
描述
A reconnaissance tool to detect CVE-1999-0524 (ICMP Timestamp Disclosure) by automating timestamp extraction via nping or hping3. Converts raw ICMP timestamps into human-readable remote system times for vulnerability validation.
介绍
# ICMP Timestamp Disclosure POC (CVE-1999-0524)
<a href="https://ibb.co/jvVtppFM"><img src="https://i.ibb.co/ccbqmmdF/icmp-poc1.png" alt="icmp-poc1" border="0"></a>
This Proof-of-Concept script demonstrates the **CVE-1999-0524** vulnerability, which allows remote attackers to obtain a target system's current date and time via **ICMP timestamp responses**.
---
## 🛡️ Vulnerability Information
- **CVE ID:** CVE-1999-0524
- **Severity:** Low (Information Disclosure)
- **Affected Systems:** Any system that responds to ICMP timestamp requests (Type 13)
- **Impact:** Remote disclosure of system time
---
## ✨ Features
- Automatically retrieves ICMP timestamps using either `nping` or `hping3`
- Manual mode for analyzing captured timestamps
- Converts timestamps to human-readable time format
- Vulnerability assessment with color-coded output
- Supports custom UTC dates for analysis
- Banner suppression option for scripting
---
## ⚙️ Requirements
- Linux-based operating system
- `nping` (from the Nmap package) or `hping3`
- Sudo privileges (for sending ICMP requests)
- Bash 4.0+
---
## 📦 Installation
### Install Required Tools
```bash
sudo apt update
sudo apt install nmap hping3
文件快照
[4.0K] /data/pocs/767e026810ad090b138ce1fe684e79f37ee7625e
├── [5.5K] icmp_timestamp.sh
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。