关联漏洞
标题:
Cisco IOS XE Software 安全漏洞
(CVE-2023-20198)
描述:Cisco IOS XE Software是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞,该漏洞源于允许未经身份验证的远程攻击者在受影响的系统上创建具有特权的帐户。
描述
CVE-2023-20198 PoC (!)
介绍
# CVE-2023-20198
CVE-2023-20198 PoC (!)
## Description
perform actions on a target web server. The script demonstrates how to create a local user account, install an implant, restart the web server, check for the presence of the implant, and finally, clean up by deleting the created user account.
**Disclaimer:** This script is intended for educational purposes only. Unauthorized use of this script is strictly prohibited. Use at your own risk.
## Requirements
- Python 3.x
- Requests library (`pip install requests`)
## Usage
1. Replace the placeholder values in the script with the appropriate target details, such as URLs, usernames, passwords, and implant configuration content.
2. Execute the script in a secure and controlled environment.
```bash
python exploit_script.py
文件快照
[4.0K] /data/pocs/e168e943098dda156160bbc362e2257ea428d113
├── [1.6K] CVE-2023-20198.py
└── [ 784] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。