1vere$k POC on the CVE-2023-20198# cve-2023-20198
## Description.
1vere$k POC on the CVE-2023-20198 based on the [Blog](https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/). Also including a check on hexademical response according to the original [Cisco article](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z).
The script works in the two modes:
* `check` mode which is just makes a connection for the particular URL and checks a response code. If it is 200OK and in the same time response is less then 32 symbols it is a ***possibility*** your device is compromised.
* `exploit` mode. For the particular one you should define username, password, compromised configuration.
* added http/https schemas support as recommended in the Cisco article.
* for getting help just use `-h` flag.
## Example:
```
git clone https://github.com/iveresk/cve-2023-20198.git
cd cve-2023-21098
pip install -r requirements.txt
python3 cve-2023-21098.py -m check -s https -t <target>
For the help:
python3 cve-2023-21098.py -h
```
## Contact
You are free to contact me via [Keybase](https://keybase.io/1veresk) for any details.
[4.0K] /data/pocs/bcdc6f53cebf9fb8385348203b3df2a04cb034d4
├── [4.6K] cve-2023-20198.py
├── [1.0K] LICENSE
├── [1.2K] README.md
└── [ 28] requirements.txt
0 directories, 4 files