支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:752

75.2%
立即捐款

POC详情: d8e9c62b6fdbb1954edb29df8746c5212c504374

来源
https://github.com/cediegreyhat/BigFinger
关联漏洞
标题:F5 BIG-IP Configuration utility 安全漏洞 (CVE-2023-46747)
描述:F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP Configuration utility存在安全漏洞,该漏洞源于存在远程代码执行(RCE)漏洞。攻击者可利用该漏洞通过management port或self IP addresses执行任意系统命令。
描述
CVE-2023-46747-RCE PoC
介绍
# CVE-2023-46747 - Big-IP RCE (Unauthenticated)


This is a Python3 script to exploit the unauthenticated remote code execution vulnerability (CVE-2023-46747) in **F5 BIG-IP** appliances via the TMUI interface. Basically, if this vuln hits, you get a shell *without credentials*.

Built with threading, file input support, proxy handling, optional shell access, and can check for vulnerable targets in bulk. Made for security researchers, pentesters, and red teamers who need fast & dirty automation.

## 💥 What it does

* Checks for unauthenticated access to `/tmui/login.jsp`
* Creates a new user via a forged chunked request
* Resets the initial password to enable login
* Fetches a token via the MGMT API
* Launches bash commands or an interactive shell

## ⚙️ Usage

```
python3 bigrce.py -u https://<target> --check
python3 bigrce.py -u https://<target> --shell
python3 bigrce.py -f targets.txt -t 20 --check
python3 bigrce.py -f targets.txt --shell --proxy http://127.0.0.1:8080
```

## 📌 Options

* `-u <url>`: Single target mode
* `-f <file>`: File of targets (one per line)
* `-t <threads>`: Number of threads (default: 5)
* `--check`: Just check if target is vulnerable
* `--shell`: Launch interactive RCE shell
* `-p <proxy>`: Route traffic through Burp/ZAP

## 🛠️ Dependencies

* Python 3.6+
* `requests`
* `colorama` (optional, for colored output)

Install them via pip if needed:

```bash
pip3 install requests colorama
```

## 📁 targets.txt format

```
https://192.168.1.1
192.168.1.2
bigip.company.internal
```

It’ll auto-fix HTTPs if missing.

## 🚧 Notes

* Use with caution. Make sure you have permission.
* Tested against vulnerable F5 BIG-IP v16.x.x
* Default timeout is 2–5 seconds to avoid overloading targets

## 🧙‍♂️ Author

By [cediegreyhat](https://github.com/cediegreyhat) — this repo is inspired by real-world usage during assessments. Modify and expand as you see fit.

---

Stay safe. Hack responsibly. 🐉

Feel free to open PRs if you want to improve this tool!
文件快照

 [4.0K]  /data/pocs/d8e9c62b6fdbb1954edb29df8746c5212c504374
├── [8.3K]  bigrce.py
├── [  37]  dork.txt
├── [2.0K]  README.md
└── [ 16K]  targets.txt

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。