From dba10c5644ce36a1a560689981ca1c79786d1e97 Mon Sep 17 00:00:00 2001
From: lozaning <lozaning@gmail.com>
Date: Sat, 22 Jun 2024 20:07:14 -0500
Subject: [PATCH] Update README.md

---
 README.md | 125 +-----------------------------------------------------
 1 file changed, 1 insertion(+), 124 deletions(-)

diff --git a/README.md b/README.md
index b24bb2d..2977d06 100644
--- a/README.md
+++ b/README.md
@@ -1,124 +1 @@
-# CVE-2024-30078 Detection and Command Execution Script
-
-This project contains a NASL script that detects the CVE-2024-30078 vulnerability and executes a specified command if the target is vulnerable. The script is designed to work with the Nessus tool, automatically handling target IP addresses and ports provided by Nessus during a scan.
-
-# Cyber Security Consultant <p><a href="https://www.linkedin.com/in/alperen-ugurlu-7b57b7178/">Alperen Ugurlu</a></p>
-
-<picture>
-<source
-  srcset="https://github-readme-stats.vercel.app/api?username=alperenugurlu&show_icons=true&theme=dark"
-  media="(prefers-color-scheme: dark)"
-/>
-<source
-  srcset="https://github-readme-stats.vercel.app/api?username=alperenugurlu&show_icons=true"
-  media="(prefers-color-scheme: light), (prefers-color-scheme: no-preference)"
-/>
-<img src="https://github-readme-stats.vercel.app/api?username=alperenugurlu&show_icons=true" />
-</picture>
-
-
-## What is CVE-2024-30078?
-
-CVE-2024-30078 is a critical vulnerability found in certain web applications or services that allows remote attackers to execute arbitrary commands on the affected system. This vulnerability arises due to improper input validation in the application's endpoint, which can be exploited by sending crafted HTTP requests.
-
-## How to Use
-
-### Save the Script
-
-Save the following NASL script as `cve_2024_30078_check.nasl`.
-
-```nasl
-if (description)
-{
-  script_id(123456);  # Unique script ID
-  script_version("1.2");
-  script_cve_id("CVE-2024-30078");
-  script_name("CVE-2024-30078 Detection and Command Execution");
-  script_summary("Detects CVE-2024-30078 vulnerability and executes a command if vulnerable.");
-
-  script_category(ACT_DESTRUCTIVE_ATTACK);
-  script_family("Web Servers");
-  script_copyright("Your Name");
-  script_dependencies("http_func.inc", "http_keepalive.inc");
-
-  exit(0);
-}
-
-# Include necessary Nessus libraries
-include("http_func.inc");
-include("http_keepalive.inc");
-
-# Define the endpoint and command to be executed
-endpoint = "/check";  # Replace with the actual endpoint
-command = "your_command_here";  # Replace with the actual command to be executed
-
-# Function to check vulnerability and execute command
-function check_vulnerability_and_execute(ip, port, endpoint, command)
-{
-  # Construct the URL and payload for the vulnerability check
-  url = string("http://", ip, ":", port, endpoint);
-  payload = string(
-    'POST ', endpoint, ' HTTP/1.1\r\n',
-    'Host: ', ip, '\r\n',
-    'Content-Type: application/json\r\n',
-    'Content-Length: 42\r\n',
-    '\r\n',
-    '{"command":"check_vulnerability","cve":"CVE-2024-30078"}'
-  );
-
-  # Send the request and receive the response
-  response = http_send_recv(data:payload, port:port);
-
-  # Check if the response indicates vulnerability
-  if ("\"vulnerable\": true" >< response[2])
-  {
-    security_hole(port);  # Report the vulnerability
-
-    # Construct the payload for command execution
-    payload_command = string(
-      'POST ', endpoint, ' HTTP/1.1\r\n',
-      'Host: ', ip, '\r\n',
-      'Content-Type: application/json\r\n',
-      'Content-Length: ', strlen(command) + 23, '\r\n',
-      '\r\n',
-      '{"command":"', command, '"}'
-    );
-
-    # Send the request to execute the command
-    http_send_recv(data:payload_command, port:port);
-  }
-  else
-  {
-    security_note(port);  # Report that the target is not vulnerable
-  }
-}
-
-# Get the list of target IP addresses and open ports from Nessus
-targets = get_host_open_ports();
-
-# Iterate over each target and check for the vulnerability
-foreach target (targets)
-{
-  ip = target["host"];
-  port = target["port"];
-  check_vulnerability_and_execute(ip, port, endpoint, command);
-}
-
-#Upload the Script to Nessus
-Upload the cve_2024_30078_check.nasl file to the Nessus plugins directory. This directory is typically located at /opt/nessus/lib/nessus/plugins/.
-
-#Create or Edit a Policy in Nessus
-In the Nessus user interface, create a new policy or edit an existing policy.
-Go to the Advanced section and find the option to add a NASL or Custom script.
-Add the cve_2024_30078_check.nasl script to the policy and save it.
-
-#Run the Scan
-Create a new scan in the Nessus interface and select the policy that includes the cve_2024_30078_check.nasl script.
-Start the scan and wait for the results.
-The scan results will indicate which targets are vulnerable to CVE-2024-30078 and will execute the specified command on those targets.
-
-#Notes
-Replace the endpoint variable with the actual endpoint of the target system.
-Replace the command variable with the command you wish to execute.
-The script will automatically handle IP addresses and ports provided by Nessus.
-
+This whole repo is bullshit and fake