POC details: d4e4784c5a8955c295861c33c0d442d234fe9bd2

Source
Related vulnerability
Title: Security vulnerability in multiple Ivanti products (CVE-2025-0282)
Description: Ivanti Connect Secure (ICS) and the other products named here are made by the US company Ivanti. Ivanti Connect Secure is a secure remote network access product. Ivanti Policy Secure (IPS) is a network access control (NAC) solution. Ivanti Neurons is a platform for simplifying and automating IT systems. Multiple Ivanti products contain a security vulnerability caused by a stack-based buffer overflow. An attacker who exploits it can execute code remotely. Affected products and versions: Ivanti Connect Secure 22.7R2
Description
# CVE-2025-0282: Remote Code Execution Vulnerability in [StorkS]
Introduction
# Storks: Remote Code Execution Vulnerability Exploitation Tool

## Overview

Storks is a Python-based Proof-of-Concept (PoC) tool written to demonstrate **CVE-2025-0282**, a critical Remote Code Execution (RCE) vulnerability in Ivanti Connect Secure and related Ivanti products (see the related-vulnerability entry above). It exploits the flaw by sending a crafted POST request to the `/dana-na/auth/url_default/welcome.cgi` endpoint. The tool is intended for educational and research purposes only.

**Disclaimer:** Please note that using this tool on systems without proper authorization is illegal and unethical. We are not responsible for any damages or actions caused by misuse of this tool. Please use it responsibly and at your own risk.

## Vulnerability Description

The `/dana-na/auth/url_default/welcome.cgi` endpoint is vulnerable to a stack-based buffer overflow: a crafted request overwrites the saved return address on the stack, diverting execution to attacker-supplied shellcode and potentially giving full control of the appliance. A Return-Oriented Programming (ROP) chain is what lets the exploit run its shellcode where the stack itself is not executable; address randomization (ASLR) is dealt with separately, by overwriting only part of the saved return address, as described under Technical Details.
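To make the ASLR part concrete, here is an added example (not the Storks code and not tied to any Ivanti binary) of why a *partial* overwrite of the saved return address lets an exploit succeed by retrying instead of needing an address leak: the low 12 bits of a code address are the page offset and are never randomized, so overwriting only the low two bytes leaves a 4-bit guess, while the untouched high bytes keep whatever base the target was loaded at. The frame layout, the two relative addresses (RVAs) and the 28 randomized bits are hypothetical, and the "target" is a simulation of a freshly loaded PIE process per request.

```python
"""Partial overwrite versus ASLR, simulated.  Added example: every value is
hypothetical and nothing here talks to a real host."""
import random

# Hypothetical frame layout: 64-byte buffer, saved frame pointer, then the
# saved return address (x86-64, little-endian, 8-byte pointers).
BUF_SIZE = 64
RET_OFFSET = BUF_SIZE + 8

# Hypothetical PIE module: 4 KiB pages, so the low 12 bits of any code address
# are fixed; assume the loader randomizes the 28 bits above them.
PAGE_BITS = 12
RANDOM_BITS = 28
RET_RVA = 0x12F40     # where the vulnerable function would normally return
TARGET_RVA = 0x12A90  # where the attacker wants execution to land instead


def partial_overwrite_payload(target_rva: int, nbytes: int) -> bytes:
    """Filler up to the saved return address, then only the `nbytes` low bytes
    of the desired address.  The bytes above them are left on the stack and so
    keep the (unknown) randomized base."""
    if not 1 <= nbytes <= 8:
        raise ValueError("overwrite 1..8 bytes of a 64-bit pointer")
    low = target_rva & ((1 << (8 * nbytes)) - 1)
    return b"A" * RET_OFFSET + low.to_bytes(nbytes, "little")


def bytes_needed(ret_rva: int, target_rva: int) -> int:
    """Smallest overwrite that covers every bit in which the two addresses differ."""
    diff = ret_rva ^ target_rva
    return max(1, (diff.bit_length() + 7) // 8)


def random_bits_guessed(nbytes: int) -> int:
    """Randomized bits the payload has to get right: everything it overwrites
    above the fixed page offset, capped by how many bits ASLR actually varies."""
    return min(max(0, 8 * nbytes - PAGE_BITS), RANDOM_BITS)


def expected_attempts(nbytes: int) -> int:
    """Mean tries until the guessed bits match, assuming nbytes >= bytes_needed()."""
    return 1 << random_bits_guessed(nbytes)


def simulate_request(base: int, payload: bytes) -> bool:
    """One request against a process loaded at `base`.  Models the overflow:
    the bytes after RET_OFFSET replace the low bytes of the saved return
    address; success means execution lands exactly on base + TARGET_RVA."""
    saved_ret = base + RET_RVA
    tail = payload[RET_OFFSET:]
    mask = (1 << (8 * len(tail))) - 1
    new_ret = (saved_ret & ~mask) | int.from_bytes(tail, "little")
    return new_ret == base + TARGET_RVA


def random_base(rng: random.Random) -> int:
    """A fresh page-aligned base with RANDOM_BITS randomized bits (new process)."""
    return rng.getrandbits(RANDOM_BITS) << PAGE_BITS


def brute_force(nbytes: int, max_attempts: int, seed: int = 0):
    """Send the same payload to a newly loaded process each time, the retry
    loop the Storks README describes.  Returns the attempt count, or None."""
    rng = random.Random(seed)
    payload = partial_overwrite_payload(TARGET_RVA, nbytes)
    for attempt in range(1, max_attempts + 1):
        if simulate_request(random_base(rng), payload):
            return attempt
    return None


def success_rate(nbytes: int, trials: int, seed: int = 0) -> float:
    """Fraction of independent requests that land on the target."""
    rng = random.Random(seed)
    payload = partial_overwrite_payload(TARGET_RVA, nbytes)
    hits = sum(simulate_request(random_base(rng), payload) for _ in range(trials))
    return hits / trials


if __name__ == "__main__":
    print(f"bytes needed to reach TARGET_RVA: {bytes_needed(RET_RVA, TARGET_RVA)}")
    for n in (1, 2, 3, 8):
        print(f"{n}-byte overwrite: {random_bits_guessed(n)} random bits guessed, "
              f"expected {expected_attempts(n)} tries, "
              f"simulated: {brute_force(n, 100_000, seed=n)}")
```

With these RVAs one byte can never work (the addresses differ in bits 8 to 10), two bytes succeed about one time in sixteen, three bytes one time in 4096, and a full 8-byte overwrite is a 1-in-2^28 guess, which is the trade-off behind step 3 and the retry loop of step 6 in the tool's own description.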

## How to Use

1.  **Prerequisites:**
    *   A working Python 3.6+ environment.
    *   Third-party libraries: `requests`, `urllib3`, `pymongo`, `bson`, `openai` and `google-generativeai` (`struct`, `socket` and `ssl` are part of the standard library).
    *   WSL (Windows Subsystem for Linux) is recommended for running `msfvenom`, Metasploit's payload generator.
    *   A MongoDB server.
    *   An OpenAI API key.
    *   A reverse shell listener.

2.  **Obtain Storks:** To obtain the full Storks application and secure download link, please contact me on Telegram: @AnonStorks

3.  **Set up a Listener:** Configure your system to listen on the specified IP and port.

4.  **Run the Exploit:** After obtaining the code, you can execute the Storks application and follow the on-screen prompts.

    ```bash
    python exploit.py <target_ip>
    ```
    *   Replace `<target_ip>` with the IP address of the vulnerable target.

5.  **Wait for success or error:** The code will attempt the exploit until it succeeds or until you stop it.

## Technical Details

The exploit targets the buffer overflow in the `/dana-na/auth/url_default/welcome.cgi` endpoint: it overwrites the saved return address and injects shellcode into the vulnerable process. It proceeds as follows:

1.  **Connects to the target:** opens a connection to the target on port 443.
2.  **Gets data from OpenAI:** asks the OpenAI API for the addresses of `system` and `exit` and for a shellcode. These addresses depend on the exact binary and libc build running on the target, which a language model has no reliable way of knowing, so this is the step most likely to fail.
3.  **Generates the payload:** builds a partial-overwrite payload from those addresses and a shellcode produced by `msfvenom` or by OpenAI. Only the low bytes of the saved return address are overwritten, so its randomized high bytes stay intact.
4.  **Sends the payload:** POSTs the payload to the target.
5.  **Validates the attempt:** checks the server's response for a specific pattern and waits for the shellcode to connect back to the listener IP and port.
6.  **Retries:** repeats the steps above until a connection comes back.
7.  **Saves results:** after a successful connection, stores the result in MongoDB.
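The request pattern these steps produce, repeated POSTs to one CGI endpoint until a callback arrives, is also what a defender can look for. The following is an added example, not part of Storks and not Ivanti's own tooling, that runs two checks over web-access log lines: a POST body to `/dana-na/auth/url_default/welcome.cgi` far larger than a login form, and a burst of POSTs to it from a single client. The log format, the sample lines, the 2048-byte body threshold and the 5-in-60-seconds window are all constructed assumptions; adapt the parser to the appliance's real access-log format.

```python
"""Added example: flag the request pattern the Storks README describes in
access-log lines.  Log format, sample data and thresholds are constructed."""
from collections import defaultdict, deque
from datetime import datetime, timezone
from typing import Deque, Dict, List, Tuple

TARGET_PATH = "/dana-na/auth/url_default/welcome.cgi"
MAX_LOGIN_BODY = 2048   # assumption: a genuine login POST is a few hundred bytes
BURST_COUNT = 5         # assumption: 5 POSTs to the endpoint ...
BURST_WINDOW_S = 60     # ... within 60 s from one client looks like a retry loop

# Constructed format (not Ivanti's):
# "<ISO-8601 timestamp> <client> <method> <path> <status> <request_body_bytes>"
SAMPLE_LOG = """\
2025-01-10T12:00:01Z 203.0.113.7 POST /dana-na/auth/url_default/welcome.cgi 200 412
2025-01-10T12:00:03Z 203.0.113.7 GET /dana-na/auth/url_default/welcome.cgi 200 0
2025-01-10T12:05:00Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 500 9180
2025-01-10T12:05:04Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 500 9180
2025-01-10T12:05:09Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 500 9180
2025-01-10T12:05:13Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 500 9180
2025-01-10T12:05:18Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 500 9180
2025-01-10T12:05:22Z 198.51.100.9 POST /dana-na/auth/url_default/welcome.cgi 200 9180
2025-01-10T12:30:00Z 192.0.2.44 POST /dana-na/auth/url_default/welcome.cgi 200 388
"""

Alert = Tuple[str, str, str]  # (rule, client, detail)


def parse_line(line: str) -> Dict:
    """Split one constructed-format line into typed fields."""
    ts, client, method, path, status, body = line.split()
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": when, "client": client, "method": method, "path": path,
            "status": int(status), "body": int(body)}


def detect(log_text: str) -> List[Alert]:
    """Run both checks over the log and return the alerts in log order."""
    alerts: List[Alert] = []
    # Per-client sliding window of POST timestamps to the target endpoint.
    recent: Dict[str, Deque[datetime]] = defaultdict(deque)
    burst_reported = set()   # report the burst rule once per client

    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_line(raw)
        if rec["method"] != "POST" or rec["path"] != TARGET_PATH:
            continue

        # Rule 1: a request body far beyond what the login form needs.
        if rec["body"] > MAX_LOGIN_BODY:
            alerts.append(("oversized_body", rec["client"],
                           f"{rec['body']} bytes at {rec['ts'].isoformat()}"))

        # Rule 2: many POSTs from one client inside the window (the retry loop).
        window = recent[rec["client"]]
        window.append(rec["ts"])
        while (rec["ts"] - window[0]).total_seconds() > BURST_WINDOW_S:
            window.popleft()
        if len(window) >= BURST_COUNT and rec["client"] not in burst_reported:
            burst_reported.add(rec["client"])
            alerts.append(("retry_burst", rec["client"],
                           f"{len(window)} POSTs within {BURST_WINDOW_S}s"))
    return alerts


if __name__ == "__main__":
    for rule, client, detail in detect(SAMPLE_LOG):
        print(f"{rule:15} {client:14} {detail}")
```

On the constructed sample the ordinary logins from 203.0.113.7 and 192.0.2.44 stay quiet, while 198.51.100.9 trips the body-size rule on every attempt and the burst rule once its fifth POST lands inside the window; the status codes in the sample are invented, so do not key a real rule on them.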

## Important Notes

*   The Storks application is provided for educational purposes only; use it responsibly and at your own risk, and never against a system you do not have explicit permission to test. Exploiting systems without authorization is illegal.
*   This is a very specific exploit and may not work against every version or configuration of the vulnerable target.
*   The repository snapshot below contains only this README and a 1.0K `exploit.py`; the full tool is distributed out of band via Telegram, so what is here cannot be reviewed or reproduced on its own.
*   The endpoint, addresses and offsets are the tool author's; check them against an independent analysis of CVE-2025-0282 before relying on them.

## Disclaimer

The Storks application is provided "as is" without any warranty. The author is not responsible for any damages or illegal actions caused by the use of this code. Use responsibly and ethically.

## Contributing

Contributions are welcome. Feel free to open pull requests or report issues.

## Contact

For full code and secure download link, please contact me on Telegram: @AnonStorks
File snapshot

```text
[4.0K] /data/pocs/d4e4784c5a8955c295861c33c0d442d234fe9bd2
├── [1.0K] exploit.py
└── [3.9K] README.md

0 directories, 2 files
```
Cached for you by the Shenlong bot
Notes
    1. Accessing the POC through the source link is recommended.
    2. If the source is gone or unreachable, e-mail f.jinxu#gmail.com (replace # with @) to request the local snapshot.
    3. Shenlong has snapshotted the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.