漏洞平台

POC详情： b74c0d0275206bbf282cd5db89538bcb30bbacfe

来源

https://github.com/0xsharz/telerik-scanner-cve-2017-9248

关联漏洞

标题： ASP.NET AJAX和Sitefinity Progress Telerik UI 安全漏洞 (CVE-2017-9248)
描述：ASP.NET AJAX是一个用于ASP.NET的控件；Sitefinity是一个开源的用于构建企业网站以及企业内部网络的平台。Progress Telerik UI是美国Telerik公司开发的一个用于处理AJAX的ASP.NET控件的UI（用户界面）。 ASP.NET AJAX R2 2017 SP1之前的版本和Sitefinity 10.0.6412.0之前的版本中的Progress Telerik UI的Telerik.Web.UI.dll存在安全漏洞，该漏洞源于程序没有正确的保护Telerik.

描述

Telerik CVE-2017-9248 Vulnerability Scanner

介绍

# Telerik CVE-2017-9248 Vulnerability Scanner

A Python scanner that discovers Telerik endpoints and tests for CVE-2017-9248 cryptographic vulnerability.

## Features

- **Quick & Discovery Modes**: Single path testing or comprehensive discovery (50+ paths)
- **Multi-threaded**: Fast concurrent endpoint enumeration
- **Version Detection**: Identifies specific Telerik versions
- **Proxy Support**: Works with Burp Suite and other tools

## Installation
```
git clone https://github.com/yourusername/telerik-scanner.git
cd telerik-scanner
pip install requests
```
## Usage

### Quick Mode (Default)
```python telerik_scanner.py -u https://target.com```

### Custom Path
```python telerik_scanner.py -u https://target.com --path /admin/Telerik.Web.UI.DialogHandler.aspx```

### Discovery Mode
```python telerik_scanner.py -u https://target.com -d```

### With Proxy
```python telerik_scanner.py -u https://target.com -d -p 127.0.0.1:8080```

## Arguments

| Flag | Description | Default |
|------|-------------|---------|
| `-u, --url` | Target URL (required) | - |
| `-d, --discover` | Enable path discovery | False |
| `--path` | Specific path to test | `/Telerik.Web.UI.DialogHandler.aspx` |
| `-p, --proxy` | Proxy server | - |
| `-t, --threads` | Thread count | 10 |

## CVE-2017-9248 Details
```
- **CVSS**: 9.8 (Critical)
- **Affected**: Versions prior to 2017.2.621
- **Impact**: Cryptographic compromise, file access, potential RCE
```
## Common Paths Tested
```
/Telerik.Web.UI.DialogHandler.aspx
/telerik/Telerik.Web.UI.DialogHandler.aspx
/admin/Telerik.Web.UI.DialogHandler.aspx
/cms/Telerik.Web.UI.DialogHandler.aspx
/Telerik.Web.UI.SpellCheckHandler.axd
/RadControls/
/aspnet_client/system_web/4_0_30319/RadControls/
```
## Example Output
```
[*] Testing specific path: https://target.com/Telerik.Web.UI.DialogHandler.aspx
[+] VULNERABLE TO CVE-2017-9248!
[+] Error message: Index was outside the bounds of the array.
[+] Detected version: 2016.2.504
```
## Remediation

1. Update to Telerik 2017.2.621+
2. Review access logs
3. Implement WAF rules
4. Remove unused components

## Disclaimer

For authorized testing only. Users responsible for proper authorization.

## References

- [CVE-2017-9248](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9248)
- [Original Research](https://github.com/bao7uo/dp_crypto)

文件快照


 [4.0K]  /data/pocs/b74c0d0275206bbf282cd5db89538bcb30bbacfe
├── [2.3K]  README.md
└── [ 16K]  telerik_scanner.py

0 directories, 2 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。