Skip to content

POC for CVE-2024-40348. Will attempt to read /etc/passwd from target

Notifications You must be signed in to change notification settings

bigb0x/CVE-2024-40348

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2024-40348

POC for CVE-2024-40348 Bazaar v1.4.3 and prior. Will attempt to read /etc/passwd from target.

Banner

Overview

This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.

How to Use

Minimum Requirements

  • Python 3.6 or higher

Single Target:

python CVE-2024-40348.py -u http://target:7809 -p /etc/passwd

Bulk Sscan:

python CVE-2024-40348 -f file.txt -p /etc/passwd

Contact

For any suggestions or thoughts, please get in touch with me.

Disclaimer

I like to create my own tools for fun, work and educational purposes only. I do not support or encourage hacking or unauthorized access to any system or network. Please use my tools responsibly and only on systems where you have clear permission to test.

References

About

POC for CVE-2024-40348. Will attempt to read /etc/passwd from target

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages