POC details: d705a3d01202e69ed82481426d3f279d1d7adb84

Source
Related vulnerability
Title: Fortra GoAnywhere MFT security vulnerability (CVE-2025-10035)
Description: Fortra GoAnywhere MFT is a file transfer product from the US company Fortra. Fortra GoAnywhere MFT contains a security vulnerability caused by improper deserialization in the License Servlet, which may lead to command injection attacks.
Description
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
Introduction
# CVE-2025-10035 Scanner

## Overview
This project provides a tool to scan for systems potentially affected by **CVE-2025-10035**, a deserialization vulnerability in the License Servlet of **Fortra's GoAnywhere MFT**. The vulnerability may allow an attacker with a validly forged license response signature to deserialize arbitrary actor-controlled objects, potentially leading to command injection.

> **Note**: This project is strictly for **educational purposes** and is designed to identify affected versions of GoAnywhere MFT. It does not include exploitable code or enable malicious activities.

## Vulnerability Details
- **CVE ID**: CVE-2025-10035
- **Affected Software**: Fortra GoAnywhere MFT
- **Description**: A deserialization vulnerability in the License Servlet allows an attacker with a forged license response signature to deserialize arbitrary objects, which could lead to command injection.
- **Impact**: Potential unauthorized access or execution of arbitrary commands on affected systems.

## Purpose
This tool is intended for:
- Security researchers and professionals to identify vulnerable GoAnywhere MFT instances.
- Educational use to understand the nature of deserialization vulnerabilities and their detection.
- System administrators to verify if their GoAnywhere MFT deployments are at risk.

## Usage
The tool scans for GoAnywhere MFT instances using public search engines like Shodan and Hunter. Below are the search queries to identify potentially affected systems:

### Search Queries
- **Shodan**:  
  ```text
  app="GoAnywhere MFT"
  ```
  URL: [https://shodan.io/](https://shodan.io/)

- **Hunter**:  
  ```text
  product.name="GoAnywhere MFT"
  ```
  URL: [https://hunter.how/](https://hunter.how/)

### Instructions
1. Use the provided search queries on the respective platforms to locate GoAnywhere MFT instances.
2. Verify the version of the identified instances to determine if they are vulnerable to CVE-2025-10035.
3. **Do not attempt to exploit or interact with systems without explicit permission.**

## Legal Warning
- This tool is for **educational purposes only**.
- Unauthorized use or misuse of this tool to harm systems or networks is **illegal** and punishable under applicable laws in your jurisdiction.
- Always obtain explicit permission from system owners before performing any security testing.

## Disclaimer
The authors of this project are not responsible for any misuse or damage caused by this tool. Users are solely responsible for ensuring compliance with all relevant laws and regulations.

## Contributing
This is an educational project, and contributions are welcome to improve its functionality or documentation. Please submit pull requests or issues via the repository.

## License
This project is licensed under the [MIT License](LICENSE).

File snapshot

[4.0K] /data/pocs/d705a3d01202e69ed82481426d3f279d1d7adb84
├── [ 12K] CVE-2025-10035.py
├── [1.0K] LICENSE
├── [3.5K] README.md
├── [  43] requirements.txt
└── [  97] targets.txt

0 directories, 5 files
Cached for you by the Shenlong bot.
Notes
    1. It is recommended to access the POC through the source first.
    2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.