開發用於利用 f5-BIG Ip 產品的預授權遠端程式碼執行的 CVE-2023-46747 的漏洞利用腳本 這是一個旨在利用易受攻擊的 f5-BIG Ip 產品上的遠端程式碼執行漏洞的腳本
git clone https://github.com/sanjai-AK47/CVE-2023-46747.git
cd CVE-2023-46747
pip install -r requirements.txt
python3 exploit.py python3 exploit.py -h
usage: exploit.py [-h] [-d DOMAIN] [-dL DOMAINS_LIST] [-cmd COMMAND] [-o OUTPUT] [-to TIME_OUT] [-px PROXY] [-v]
[DESCTIPTION]: Exploitation and Detection tool for Cisco CVE-2023-46747
options:
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
[INFO]: Target domain for exploiting without protocol eg:(www.domain.com)
-dL DOMAINS_LIST, --domains-list DOMAINS_LIST
[INFO]: Targets domain for exploiting without protocol eg:(www.domain.com)
-cmd COMMAND, --command COMMAND
[INFO]: Exploitation Shell command for Remote Code Execution
-o OUTPUT, --output OUTPUT
[INFO]: File name to save output
-to TIME_OUT, --time-out TIME_OUT
[INFO]: Switiching timeout will requests till for your timeout and also for BURPSUITE
-px PROXY, --proxy PROXY
[INFO]: Switiching proxy will send request to your configured proxy (eg: BURPSUITE)
-v, --verbose [INFO]: Switiching Verbose will shows offline targets
該工具的開發是為了利用合法和道德利用的漏洞,開發者 (ME) 不對非法或不道德的利用負責
該工具由 D.Sanjai Kumar 開發,如有任何更新和錯誤,請透過我提到的 Linkedin 頁面與我
謝謝你!
