PoC details: 825e76d69ec88b65a1e866c3f7f91c4ca1929256

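Related vulnerability
Title: Apache OFBiz security vulnerability (CVE-2024-38856)
Description: Apache OFBiz is an enterprise resource planning (ERP) system from the Apache Software Foundation (US). It provides a full set of Java-based web application components and tools. Apache OFBiz 18.12.14 and earlier contain a security vulnerability caused by an incorrect authorization flaw, which allows unauthenticated endpoints to execute screen rendering code.
Description
Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
Introduction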
# CVE-2024-38856

For ethical use only. Harmful or malicious activities are not allowed, and any use is your own responsibility.

CVE-2024-38856: Apache OFBiz remote code execution Scanner & Exploit

- This issue affects Apache OFBiz: through 18.12.14

# Usage
```


 ██████╗██╗   ██╗███████╗    ██████╗  ██████╗ ██████╗ ██╗  ██╗     ██████╗  █████╗  █████╗ ███████╗ ██████╗ 
██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗╚════██╗██║  ██║     ╚════██╗██╔══██╗██╔══██╗██╔════╝██╔════╝ 
██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║ █████╔╝███████║█████╗█████╔╝╚█████╔╝╚█████╔╝███████╗███████╗ 
██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║██╔═══╝ ╚════██║╚════╝╚═══██╗██╔══██╗██╔══██╗╚════██║██╔═══██╗
╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝███████╗     ██║     ██████╔╝╚█████╔╝╚█████╔╝███████║╚██████╔╝
 ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝ ╚══════╝     ╚═╝     ╚═════╝  ╚════╝  ╚════╝ ╚══════╝ ╚═════╝ 
                                                                                                            
                                                                                                                                                           
                                                                                                                                                              
                    Github: https://github.com/securelayer7/CVE-2024-38856_Scanner
                                By: Securelayer7(yosef0x01 & Zeyad Azima)                                     

usage: cve-2024-38856_Scanner.py [-h] [-t TARGET] [-p PORT] [-c COMMAND] [-s] [-d DOMAIN] [-f FILE]

CVE-2024-38856 Apach Ofbiz RCE Scanners.

options:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target host
  -p PORT, --port PORT  Target port
  -c COMMAND, --command COMMAND
                        Command to execute
  -s, --scan            Perform scan with ping, curl, and wget
  -d DOMAIN, --domain DOMAIN
                        Domain (attacker domain) to scan with ping, curl, and wget
  -f FILE, --file FILE  File containing a list of targets in the format http(s)://target,port

```
## Arguments

- `-t, --target <host>`: Specifies the target host. This cannot be used with the `--file` option.

- `-p, --port <port>`: Specifies the target port. This option is required if the port is not specified in the targets file.

- `-c, --command <command>`: Specifies the command to execute on the target.

- `-s, --scan`: Enables scan mode. When this option is used, the script runs a series of predefined commands (`ping`, `curl`, `wget`) against the specified domain.

- `-d, --domain <domain>`: Specifies your domain (attacker domain) to use in the scan with `ping`, `curl`, and `wget` commands. This option must be used with `--scan`.

- `-f, --file <file>`: Specifies a file containing a list of targets in the format `http(s)://target,port`. This option cannot be used with `--target`.


`Global Port`: When scanning a targets file, you can omit `,port` and use `-p` to set a global port for all targets.

## Single Target

- Normal Mode
```bash
python cve-2024-38856_Scanner.py -t <target> -p <port> -c "command"
```

![image](https://github.com/user-attachments/assets/e270c4ba-7ec6-416c-bfb3-2cec44436236)



- Scan Mode
```bash
python cve-2024-38856_Scanner.py -t <target> -p <port> -s -d <domain>
```

![image](https://github.com/user-attachments/assets/3dc43ac3-5608-4dae-9dbf-8528b43a8577)



## Targets File

- Normal Mode
```bash
python cve-2024-38856_Scanner.py -f <file> -c "command"
```

![image](https://github.com/user-attachments/assets/8ca2274b-e9ff-44ae-b3e7-dc021bcc7c78)



- Scan Mode W/ Global Port
```bash
python cve-2024-38856_Scanner.py -f <file> -p <port> -s -d <domain>
```
![image](https://github.com/user-attachments/assets/8a7559c4-1519-4974-baba-e4b5a50edbf5)



# Screenshot:

![image](https://github.com/user-attachments/assets/44cc9acb-efd8-4e77-915a-389a338ec773)



![image](https://github.com/user-attachments/assets/0a81db4e-4b91-401a-9605-08297d0e1cf0)



File snapshot

```
[4.0K] /data/pocs/825e76d69ec88b65a1e866c3f7f91c4ca1929256
├── [7.8K] cve-2024-38856_Scanner.py
└── [5.1K] README.md

0 directories, 2 files
```