CVE-2023-20198 PoC — Cisco IOS XE Software 安全漏洞

Source

https://github.com/Tounsi007/CVE-2023-20198

Associated Vulnerability

Title:Cisco IOS XE Software 安全漏洞 (CVE-2023-20198)
Description:Cisco IOS XE Software是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞，该漏洞源于允许未经身份验证的远程攻击者在受影响的系统上创建具有特权的帐户。

Description

CVE-2023-20198 PoC (!)

Readme

# CVE-2023-20198
CVE-2023-20198 PoC (!)
## Description
perform actions on a target web server. The script demonstrates how to create a local user account, install an implant, restart the web server, check for the presence of the implant, and finally, clean up by deleting the created user account.

**Disclaimer:** This script is intended for educational purposes only. Unauthorized use of this script is strictly prohibited. Use at your own risk.

## Requirements
- Python 3.x
- Requests library (`pip install requests`)

## Usage
1. Replace the placeholder values in the script with the appropriate target details, such as URLs, usernames, passwords, and implant configuration content.
2. Execute the script in a secure and controlled environment.

```bash
python exploit_script.py

File Snapshot


 [4.0K]  /data/pocs/e168e943098dda156160bbc362e2257ea428d113
├── [1.6K]  CVE-2023-20198.py
└── [ 784]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!