PoC details: 933f3cc7a7d2d819eb341264a4f6a89ab0cd11f4

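Source
Related vulnerability
Title: Input validation error vulnerability in ASA Software and Firepower Threat Defense Software of multiple Cisco products (CVE-2018-0296)
Description: Cisco 3000 Series Industrial Security Appliance (ISA) and others are security appliances from Cisco, a US company. ASA Software and Firepower Threat Defense (FTD) Software are operating systems that run on different devices. The web interface of ASA Software and FTD Software in multiple Cisco products has an input validation vulnerability, which stems from the program's lack of proper validation of HTTP URLs. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to an affected device to cause a denial of serv
Description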
Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.
Introduction
                                  Cisco Adaptive Security Appliance - Path Traversal
                                                CVE-2018-0296
                                            Author: Yassine Aboukir
                            

A security vulnerability was identified in Cisco ASA that allows an attacker to view sensitive system information without authentication by using directory traversal techniques.

## Vulnerable Products
This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products:

    3000 Series Industrial Security Appliance (ISA)
    ASA 1000V Cloud Firewall
    ASA 5500 Series Adaptive Security Appliances
    ASA 5500-X Series Next-Generation Firewalls
    ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    Adaptive Security Virtual Appliance (ASAv)
    Firepower 2100 Series Security Appliance
    Firepower 4100 Series Security Appliance
    Firepower 9300 ASA Security Module
    FTD Virtual (FTDv)

## Script usage
- Installation: `git clone https://github.com/yassineaboukir/CVE-2018-0296.git`
- Usage *(Please use Python 3)*: `python3 cisco_asa.py <URL>` (e.g. `python3 cisco_asa.py https://vpn.example.com/`)

If the web server is vulnerable, the script dumps to a text file the contents of the current directory, the files in `+CSCOE+`, the active sessions, and the valid enumerated usernames.

**Disclaimer:** Please note that due to the nature of the vulnerability disclosed to Cisco, this exploit could result in a DoS, so test at your own risk.
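
For defenders, one way to look for directory traversal requests against the `+CSCOE+` portal path in HTTP logs recorded in front of the appliance. This is an added example, not part of the author's script; the Common Log Format input, the sample lines (constructed, with placeholder paths) and the function names are assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Common Log Format, as a proxy or sensor in front
# of the appliance might record them (assumption). Paths are placeholders.
SAMPLE_LOG = """\
198.51.100.7 - - [06/Jun/2018:10:01:02 +0000] "GET /+CSCOE+/logon.html HTTP/1.1" 200 5120
203.0.113.9 - - [06/Jun/2018:10:01:05 +0000] "GET /+CSCOE+/../placeholder HTTP/1.1" 200 812
203.0.113.9 - - [06/Jun/2018:10:01:06 +0000] "GET /+CSCOE+/%2e%2e/placeholder HTTP/1.1" 200 640
203.0.113.9 - - [06/Jun/2018:10:01:07 +0000] "GET /+CSCOE+/%252e%252e%252fplaceholder HTTP/1.1" 404 0
192.0.2.44 - - [06/Jun/2018:10:02:00 +0000] "GET /index.html HTTP/1.1" 200 100
"""

PORTAL_MARKER = "+CSCOE+"  # portal directory named in the README
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')


def fully_decode(path, max_rounds=3):
    """Percent-decode repeatedly so double-encoded dot segments are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(path)  # unquote() leaves the literal '+' untouched
        if decoded == path:
            break
        path = decoded
    return path


def find_traversal_requests(log_text):
    """Return requests that reference the portal path and contain a '..' segment."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, method, target, status = match.groups()
        path = fully_decode(target.split("?", 1)[0])
        if PORTAL_MARKER in path and ".." in re.split(r"[/\\]", path):
            # A 2xx answer to a traversal request deserves priority triage.
            hits.append({"client": client, "method": method, "target": target,
                         "status": int(status), "served": status.startswith("2")})
    return hits


if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```
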

## References:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd
File snapshot

    [4.0K] /data/pocs/933f3cc7a7d2d819eb341264a4f6a89ab0cd11f4
    ├── [2.8K] cisco_asa.py
    └── [1.9K] README.md

    0 directories, 2 files