CVE-2020-5902 PoC — F5 BIG-IP 路径遍历漏洞

Source

https://github.com/GovindPalakkal/EvilRip

Associated Vulnerability

Title:F5 BIG-IP 路径遍历漏洞 (CVE-2020-5902)
Description:F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP中存在路径遍历漏洞。攻击者可利用该漏洞执行任意的系统命令、创建或删除文件，关闭服务/执行任意的Java代码，可能完全入侵系统。以下产品及版本受到影响：F5 BIG-IP 15.1.0版本，15.0.0版本，14.1.0版本至14.1.2版本，13.1.0版本至13.1.3版本，12.1.0版本至12.1.5版本，11.6.1版本至11.6.5版本。

Description

It is  a small script to fetch out the  subdomains/ip vulnerable to CVE-2020-5902 written in bash

Readme

# Cve-2020-5029-finder
It is  a small script to fetch out the  subdomains/ip vulnerable to CVE-2020-5902 written in bash. 

# Affected Version
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
  
# Usage
In order to use this you need to install httporbe installed

#confuration
first list out the subdomains in a list.txt (with http/https) you can use httporbe for this
	 
	 cat list.txt | httprobe | tee -a domains (here the ip/domains will store as http or https://xx.xx.xx.xx)

	 ./cve-checker.sh /user/path_to_filtered_domians



![Test Image 1](https://github.com/GovindPalakkal/Cve-2020-5029-finder/blob/master/Screen%20Shot%202020-07-08%20at%204.54.59%20PM.png)

File Snapshot


 [4.0K]  /data/pocs/f5d0de8cf99667346c6cd1258d915e70e58ea2c9
├── [1.3K]  cve-checker.sh
├── [ 890]  README.md
└── [520K]  Screen Shot 2020-07-08 at 4.54.59 PM.png

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!