漏洞平台

POC详情： b872d0c6baebf5a3504bcc4ac1c6c720520ecf23

来源

https://github.com/Mr-r00t11/CVE-2024-4879

关联漏洞

标题： ServiceNow 安全漏洞 (CVE-2024-4879)
描述：ServiceNow是美国ServiceNow公司的一个云计算平台。以帮助公司管理企业运营的数字工作流程。 ServiceNow存在安全漏洞。攻击者利用该漏洞可以在 Now Platform 环境中远程执行代码。

介绍

# CVE-2024-4879

CVE-2024-4879.py is a Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers.

## Features

- Scans URLs for a specific vulnerability in ServiceNow.
- Dumps database connection details if the vulnerability is detected.
- Handles SSL warnings and request timeouts.
- Provides clear console output with color-coded results.

## Requirements

- Python 3.x
- `requests` library
- `argparse` library
- `urllib3` library
- `colorama` library

## Installation

1. Clone the repository:

```
git clone https://github.com/Mr-r00t11/CVE-2024-4879.git
cd CVE-2024-4879
```

2. Install the required Python packages:

`pip install requests argparse urllib3 colorama`

## Usage

1. Prepare a file containing a list of URLs to scan. Each URL should be on a new line.
    
2. Run the script with the file as an argument:
    

`python CVE-2024-4879.py -f urls.txt`

### Example

`python CVE-2024-4879.py -f urls.txt`

### Output

![[Screenshot_1.png]](https://raw.githubusercontent.com/Mr-r00t11/CVE-2024-4879/main/img/Screenshot_1.png)

The script will output the results of the scan, indicating whether the vulnerability was found and whether the database connection details were successfully dumped. If the details are dumped, the relevant information will be printed in the following format:


```
glide.db.name = servicenow 
glide.db.rdbms = BD 
glide.db.url = jdbc:BD://127.0.0.1:3306/ 
glide.db.user = user 
glide.db.password = password
```
## Script Details

### `check_vulnerability(url)`

This function checks the given URL for the specific vulnerability. If found, it attempts to dump the database connection details.

### `format_db_details(details)`

This function formats the dumped database connection details to a readable format.

### `main()`

The main function handles the argument parsing and file reading, and it initiates the vulnerability checks.

## Disclaimer

This tool is intended for educational purposes and should only be used on systems where you have explicit permission to conduct security testing. Misuse of this tool may result in legal consequences.

文件快照


 [4.0K]  /data/pocs/b872d0c6baebf5a3504bcc4ac1c6c720520ecf23
├── [5.2K]  CVE-2024-4879.py
├── [4.0K]  img
│   └── [956K]  Screenshot_1.png
└── [2.2K]  README.md

1 directory, 3 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。