Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-33617 PoC — Parks Fiberlink 操作系统命令注入漏洞

Source
https://github.com/Chocapikk/CVE-2023-33617
Associated Vulnerability
Title:Parks Fiberlink 操作系统命令注入漏洞 (CVE-2023-33617)
Description:Parks Fiberlink是Parks公司的一款高性能 OLT,旨在以快速且经济高效的方式向大量用户提供超宽带服务。 Parks Fiberlink 210 2.1.14_X000版本存在安全漏洞,该漏洞源于/boaform/admin/formPing target_addr参数存在问题,攻击者利用该漏洞可以进行操作系统命令注入。
Description
Authenticated OS command injection vulnerability (CVE-2023-33617)
Readme
# CVE-2023-33617

Authenticated OS command injection vulnerability (CVE-2023-33617) in Parks FiberLink 210 routers running firmware version V2.1.14_X000. This tool utilizes the APIs of ZoomEye and Shodan to search for vulnerable targets and then attempts to exploit the command injection vulnerability.

## Prerequisites

- Python 3.x
- Install the required dependencies using the provided `requirements.txt` file: `pip install -r requirements.txt`

## Usage

1. Export the API keys for ZoomEye and Shodan as environment variables:
   - ZoomEye API key: `export ZOOMEYE_API_KEY=Your_Zoomeye_API_Key`
   - Shodan API key: `export SHODAN_API_KEY=Your_Shodan_API_Key`
2. Run the `exploiter.py` script with the desired options:

```bash
python exploiter.py --shodan --zoomeye --threads 10 --pages 2 --user admin --password parks --output vulnerable.txt
```

## Options

- `--shodan`: Use Shodan API for target search
- `--zoomeye`: Use ZoomEye API for target search
- `--threads`: Number of threads to use for concurrent exploitation (default: 100)
- `--pages`: Number of pages to search in ZoomEye or Shodan (default: 1)
- `--user`: Username for authentication (default: admin)
- `--password`: Password for authentication (default: parks)
- `--output`: Output file to store the list of vulnerable hosts (default: vulnerable.txt)

## Output

The tool will display the progress and results of the exploitation process. It will print the vulnerable hosts and their command output. Additionally, the list of vulnerable hosts will be saved in the specified output file.

## Disclaimer

This tool is intended for educational and ethical purposes only. The authors are not responsible for any misuse or damage caused by this tool. Use it at your own risk.

## Credits
Original Write-Up: [https://blog.gbrls.space/blog/cve-2023-33617-writeup/](https://blog.gbrls.space/blog/cve-2023-33617-writeup/)
File Snapshot

 [4.0K]  /data/pocs/fa2a6c6d15fc22770194df10790d472ef3b97cf4
├── [9.8K]  exploit.py
├── [1.8K]  README.md
└── [  83]  requirements.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.