Exploit and Check Script for CVE 2022-1388

Last update: Dec 22, 2022

Overview

F5-CVE-2022-1388-Exploit

Exploit and Check Script for CVE 2022-1388

Usage

Check against single host

python3 CVE-2022-1388.py -v true -u target_url

Attack host and test command

python CVE_2022_1388.py -a true -u target_url -c command

Attack list of hosts

python CVE_2022_1388.py -s true -f file

masscheck.py will take a file input and check the hosts are vulnerable without exploiting them.

Detection:

Scanning for /mgmt/tm/util/bash as an endpoint, likely to be in web server logs. Or if you have a F5 go patch it, the affected versions are shown below and the patch is available here https://support.f5.com/csp/article/K23605346

Vulnerable Versions

BIG-IP versions 16.1.0 to 16.1.2 (Patch released)
BIG-IP versions 15.1.0 to 15.1.5 (Patch released)
BIG-IP versions 14.1.0 to 14.1.4 (Patch released)
BIG-IP versions 13.1.0 to 13.1.4 (Patch released)
BIG-IP versions 12.1.0 to 12.1.6 (End of Support)
BIG-IP versions 11.6.1 to 11.6.5 (End of Support)

Owner

Andy Gill

I hack things, write things and break things. So my life is full of things.

GitHub Repository

Anti-Nuke capabilities, powerful moderation features, auto punishments, captcha-verification and more.

Server-Security-Discord-Bot Anti-Nuke capabilities, powerful moderation features, auto punishments, captcha-verification and more. Installation Instal

20 Apr 07, 2022

POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL Pre-Auth RCE Injection Vulneralibity.

CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V

9 Aug 31, 2022

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

FOSSLight Scanner Analyze at once for Open Source Compliance. FOSSLight Scanner performs open source analysis after downloading the source by passing

8 Nov 03, 2022

test application for the licence key web app.

licence_software_test_app Make sure you set your database values in a .env file to the folder. Install MYSQL connector: pip install mysql-connector-py

1 Oct 28, 2021

Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

jolokia-exploitation-toolkit Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints. Core concept Jolokia is a protocol br

194 Jan 01, 2023

Python decompiler for Python 1.5-2.4 (for historical archive)

This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u

2 Jan 04, 2022

a cool, easily usable and customisable subdomains scanner

Subdah 🔎 another subdomains scanner. Installation ⚠️ Python 3.10 required ⚠️ $ git clone https://github.com/traumatism/subdah $ cd subdah $ pip3 inst

14 Oct 18, 2022

An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

A forensic tool to make analysis of email headers easy to aid in the quick discovery of the attacker. Table of Contents About mailMeta Installation Us

59 Nov 26, 2022

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

1 Dec 15, 2021

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

105 Dec 05, 2022

Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name

A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name. This project is for educational use, we are not responsible for i

20 Dec 02, 2022

A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

2 Mar 20, 2022

Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

4 Jun 30, 2022

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue

13 Sep 19, 2021

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a

1 Nov 12, 2021

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

1 Jan 24, 2022

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

35 Dec 12, 2022

Exploit and Check Script for CVE 2022-1388

Related tags

Overview

F5-CVE-2022-1388-Exploit

Usage

Detection:

Vulnerable Versions

Owner

Andy Gill

Anti-Nuke capabilities, powerful moderation features, auto punishments, captcha-verification and more.

POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL Pre-Auth RCE Injection Vulneralibity.

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

test application for the licence key web app.

Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

Python decompiler for Python 1.5-2.4 (for historical archive)

a cool, easily usable and customisable subdomains scanner

An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

Magicspoofing - A python3 script for search possible misconfiguration in a DNS related to security protections of email service from the domain name

A OSINT tool coded in python

Scans for Log4j versions effected by CVE-2021-44228

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

CVE-2021-26084 Remote Code Execution on Confluence Servers

log4j2 passive burp rce scanning tool get post cookie full parameter recognition

Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.