Environment

In Python Environment(3.10)

# It's strongly recommended to use the virtual environment)

pip3 install baseproxy
# python3.10 will raise an AttributeError if the version of pyOpenSSL(downloaded with baseproxy) is too low. Reinstalling the latest version will fix it.
pip3 uninstall pyOpenSSL 
pip3 install pyOpenSSL

# run
python3 Sophos-poc.py

In Docker

docker pull keithdockerhub/cve-2022-1040:latest # or build yourself
docker run -it -p 8788:8788  keithdockerhub/cve-2022-1040:latest

How to use

Make sure your browser use the http proxy: http://127.0.0.1:8788.
Fill in username and password with literally any contents.(It doesn't matter)
Click login.

The principle is the same as the burpsuite. It sets up a https mitm(man in the middle) and change the http body in a specific post request then we can get access to the web admin of Sophos Firewall without authentication.
Please do not use it for illegal purposes.

Reference

https://github.com/qiyeboy/BaseProxy
https://github.com/APTIRAN/CVE-2022-1040

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
Docker		Docker
README.md		README.md
Sophos-poc.py		Sophos-poc.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Docker

Docker

README.md

README.md

Sophos-poc.py

Sophos-poc.py

Repository files navigation

Environment

In Python Environment(3.10)

In Docker

How to use

Reference

About

Releases

Packages

Languages

Keith-amateur/cve-2022-1040

Folders and files

Latest commit

History

Repository files navigation

Environment

In Python Environment(3.10)

In Docker

How to use

Reference

About

Resources

Stars

Watchers

Forks

Languages