Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-4879 PoC — ServiceNow 安全漏洞

Source
https://github.com/Mr-r00t11/CVE-2024-4879
Associated Vulnerability
Title:ServiceNow 安全漏洞 (CVE-2024-4879)
Description:ServiceNow是美国ServiceNow公司的一个云计算平台。以帮助公司管理企业运营的数字工作流程。 ServiceNow存在安全漏洞。攻击者利用该漏洞可以在 Now Platform 环境中远程执行代码。
Readme
# CVE-2024-4879

CVE-2024-4879.py is a Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers.

## Features

- Scans URLs for a specific vulnerability in ServiceNow.
- Dumps database connection details if the vulnerability is detected.
- Handles SSL warnings and request timeouts.
- Provides clear console output with color-coded results.

## Requirements

- Python 3.x
- `requests` library
- `argparse` library
- `urllib3` library
- `colorama` library

## Installation

1. Clone the repository:

```
git clone https://github.com/Mr-r00t11/CVE-2024-4879.git
cd CVE-2024-4879
```

2. Install the required Python packages:

`pip install requests argparse urllib3 colorama`

## Usage

1. Prepare a file containing a list of URLs to scan. Each URL should be on a new line.
    
2. Run the script with the file as an argument:
    

`python CVE-2024-4879.py -f urls.txt`

### Example

`python CVE-2024-4879.py -f urls.txt`

### Output

![[Screenshot_1.png]](https://raw.githubusercontent.com/Mr-r00t11/CVE-2024-4879/main/img/Screenshot_1.png)

The script will output the results of the scan, indicating whether the vulnerability was found and whether the database connection details were successfully dumped. If the details are dumped, the relevant information will be printed in the following format:


```
glide.db.name = servicenow 
glide.db.rdbms = BD 
glide.db.url = jdbc:BD://127.0.0.1:3306/ 
glide.db.user = user 
glide.db.password = password
```
## Script Details

### `check_vulnerability(url)`

This function checks the given URL for the specific vulnerability. If found, it attempts to dump the database connection details.

### `format_db_details(details)`

This function formats the dumped database connection details to a readable format.

### `main()`

The main function handles the argument parsing and file reading, and it initiates the vulnerability checks.

## Disclaimer

This tool is intended for educational purposes and should only be used on systems where you have explicit permission to conduct security testing. Misuse of this tool may result in legal consequences.
File Snapshot

 [4.0K]  /data/pocs/b872d0c6baebf5a3504bcc4ac1c6c720520ecf23
├── [5.2K]  CVE-2024-4879.py
├── [4.0K]  img
│   └── [956K]  Screenshot_1.png
└── [2.2K]  README.md

1 directory, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.