开发用于利用 f5-BIG Ip 产品的预授权远程代码执行的 CVE-2023-46747 的漏洞利用脚本 这是一个旨在利用易受攻击的 f5-BIG Ip 产品上的远程代码执行漏洞的脚本
git clone https://github.com/sanjai-AK47/CVE-2023-46747.git
cd CVE-2023-46747
pip install -r requirements.txt
python3 exploit.py python3 exploit.py -h
usage: exploit.py [-h] [-d DOMAIN] [-dL DOMAINS_LIST] [-cmd COMMAND] [-o OUTPUT] [-to TIME_OUT] [-px PROXY] [-v]
[DESCTIPTION]: Exploitation and Detection tool for Cisco CVE-2023-46747
options:
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
[INFO]: Target domain for exploiting without protocol eg:(www.domain.com)
-dL DOMAINS_LIST, --domains-list DOMAINS_LIST
[INFO]: Targets domain for exploiting without protocol eg:(www.domain.com)
-cmd COMMAND, --command COMMAND
[INFO]: Exploitation Shell command for Remote Code Execution
-o OUTPUT, --output OUTPUT
[INFO]: File name to save output
-to TIME_OUT, --time-out TIME_OUT
[INFO]: Switiching timeout will requests till for your timeout and also for BURPSUITE
-px PROXY, --proxy PROXY
[INFO]: Switiching proxy will send request to your configured proxy (eg: BURPSUITE)
-v, --verbose [INFO]: Switiching Verbose will shows offline targets
该工具的开发是为了利用合法和道德利用的漏洞,开发者 (ME) 不对非法或不道德的利用负责
该工具由 D.Sanjai Kumar 开发,如有任何更新和错误,请通过我提到的 Linkedin 页面联系我
谢谢你!
