Skip to content

NopSec/BlueImpScan

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 

Repository files navigation

PoC for CVE-2018-9206

About

Based on the following:

original Poc

Python Poc

Usage

usage: BlueimpScan.py [-h] [-p PREFIX] [-u USER_AGENT] host

CVE-2018-9206 PoC, initial release by Den1al, enhanced by NopSec

positional arguments:
  host                  the host to check, host:port, or CIDR range

optional arguments:
  -h, --help            show this help message and exit
  -p PREFIX, --prefix PREFIX
                        The prefix for the path
  -u USER_AGENT, --user-agent USER_AGENT
                        The user agent to send the requests with

Dependencies

pip3 install -r requirements.txt

Useful stuff to know

  • The path prefix is set to "jQuery-File-Upload-9.22.0", this may not reflect the default path of the vulnerable files on your server(s). If the default setting fails I'd recommend trying "jQuery-File-Upload".

  • There is no output for hosts that are not vulnerable.

Authors

Larry Cashdollar

Daniel Abeles

Shawn Evans

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages