关联漏洞
Description
Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability
介绍
# CVE-2024-4879
Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability.
## Overview
This tool is designed for bulk scanning of the ServiceNow CVE-2024-4879 vulnerability. It is inspired by [Assetnote](https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data) security research, which covers the recent ServiceNow CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217 vulnerabilities in detail.
## How to Use
### Minimum Requirements
- Python 3.6 or higher
- `requests` library
### Single Target:
```sh
python CVE-2024-4879.py -u https://target:9090
```
### Bulk Sscan:
```sh
python CVE-2024-4879.py -f targets.txt
```
## Contact
For any suggestions or thoughts, please get in touch with [me](https://x.com/MohamedNab1l).
## Disclaimer
I like to create my own tools for fun, work and educational purposes only. I do not support or encourage hacking or unauthorized access to any system or network. Please use my tools responsibly and only on systems where you have clear permission to test.
## References
- https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4879
文件快照
[4.0K] /data/pocs/d91d1e2092a61ca2cfaa21a4aadc4e7fdc0e9858
├── [5.3K] CVE-2024-4879.py
├── [1.2K] README.md
└── [4.0K] screens
└── [149K] screen.jpg
1 directory, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。