CVE-2024-4879.py is a Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers.
- Scans URLs for a specific vulnerability in ServiceNow.
- Dumps database connection details if the vulnerability is detected.
- Handles SSL warnings and request timeouts.
- Provides clear console output with color-coded results.
- Python 3.x
requestslibraryargparselibraryurllib3librarycoloramalibrary
- Clone the repository:
git clone https://github.com/jdusane/CVE-2024-4879.git
cd CVE-2024-4879
- Install the required Python packages:
pip install requests argparse urllib3 colorama
-
Prepare a file containing a list of URLs to scan. Each URL should be on a new line.
-
Run the script with the file as an argument:
python CVE-2024-4879.py -f urls.txt
python CVE-2024-4879.py -f urls.txt
The script will output the results of the scan, indicating whether the vulnerability was found and whether the database connection details were successfully dumped. If the details are dumped, the relevant information will be printed in the following format:
glide.db.name = servicenow
glide.db.rdbms = BD
glide.db.url = jdbc:BD://127.0.0.1:3306/
glide.db.user = user
glide.db.password = password
This function checks the given URL for the specific vulnerability. If found, it attempts to dump the database connection details.
This function formats the dumped database connection details to a readable format.
The main function handles the argument parsing and file reading, and it initiates the vulnerability checks.
This tool is intended for educational purposes and should only be used on systems where you have explicit permission to conduct security testing. Misuse of this tool may result in legal consequences.