关联漏洞
标题:
CyberPanel 安全漏洞
(CVE-2024-51378)
描述:CyberPanel是Usman Nasir个人开发者的一款内置了DNS和电子邮件服务器的虚拟主机控制面板。 CyberPanel存在安全漏洞,该漏洞源于dns/views.py 中的 getresetstatus 允许远程攻击者绕过身份验证并通过 /ftp/getresetstatus 执行任意命令。
描述
A Python script to scan websites for the CVE-2024-51378 vulnerability.
介绍
# CVE-2024-51378 Vulnerability Scanner
A Python script to scan websites for the CVE-2024-51378 vulnerability.
## Features
- Identifies vulnerable sites based on CSRF tokens and custom endpoints.
- Highlights results as `[GOOD]` or `[SAFE]` with color-coded outputs.
- Logs detailed scan results to a file.
- Displays ASCII art with project details.
## Requirements
- Python 3.6+
- Required libraries:
- `httpx`
- `pyfiglet`
## Installation
1. Clone the repository:
git clone https://github.com/i0x29A/CVE-2024-51378.git
cd CVE-2024-51378
2. Install dependencies:
pip install -r requirements.txt
## Usage
1. Prepare a file containing URLs to scan (one per line).
2. Run the script:
python3 scanner.py <file> <output>
- `<file>`: Path to the file with URLs.
- `<output>`: Path to save the log file.
### Example
File `targets.txt`:
http://example.com
http://testsite.org
Run the scanner:
python3 scanner.py targets.txt results.log
## Notes
- Use responsibly! This tool is for educational and testing purposes only.
- Ensure compliance with all applicable laws and policies when using the scanner.
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Authors
- [@Luka Petrovic](https://github.com/refr4g)
- [@cr4shed](https://github.com/i0x29A)
文件快照
[4.0K] /data/pocs/fffdce51365432fc7348ca46bfb58ae6e23515c8
├── [3.2K] CVE-2024-51378.py
├── [1.0K] LICENSE
├── [1.3K] README.md
└── [ 15] requirements.txt
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。