-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCVE-2024-40898 .py
37 lines (31 loc) · 1.55 KB
/
CVE-2024-40898 .py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import ssl
import socket
import argparse
def detect_ssl_verification_bypass(target_host, target_port):
"""
檢測目標 Apache HTTP Server 是否存在 CVE-2024-40898 (SSL 驗證繞過) 漏洞
:param target_host: 目標伺服器的主機名或 IP 地址
:param target_port: 目標伺服器的端口號
"""
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.verify_mode = ssl.CERT_OPTIONAL
try:
# 連接目標伺服器
with socket.create_connection((target_host, target_port)) as sock:
with context.wrap_socket(sock, server_hostname=target_host) as ssock:
ssock.sendall(b"HEAD / HTTP/1.1\r\nHost: {}\r\n\r\n".format(target_host.encode()))
response = ssock.recv(4096)
# 判斷回應是否表示存在漏洞
if b"200 OK" in response:
print(f"目標 {target_host}:{target_port} 可能存在 CVE-2024-40898 漏洞")
else:
print(f"目標 {target_host}:{target_port} 不存在 CVE-2024-40898 漏洞")
except Exception as e:
print(f"檢測過程中出錯: {e}")
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='檢測 CVE-2024-40898 漏洞')
parser.add_argument('-u', '--url', required=True, help='目標伺服器的 URL')
args = parser.parse_args()
# 分割主機名和端口號
target_host, target_port = args.url.split(":")
detect_ssl_verification_bypass(target_host, int(target_port))