CVE-2022-1388
F5 BIG-IP iControl REST vulnerability RCE exploit with Java and ELF.
Included
- Scan a single target
- Scan many targets
- Exploit with a shell
JDK11 required for jar file only. If you don't have JDK, you can run the linux executable (it is faster).
Setup LAB
- You can find the lab Here
Download
- Download windows executable file Here
- Download JAR file Here
- Download native executable for linux (x86_64) Here
Run
`user# java -jar CVE2022-1388.jar help`
or
`user# CVE2022-1388.exe help`
or
`user# ./exec help`
Output:
Scan a single target: `java -jar cve-2022-1388.jar scheck`
Scan targets from a file: `java -jar cve-2022-1388.jar mcheck`
Exploit a target: `java -jar cve-2022-1388.jar exploit`
Screenshot
Author
Contrib
Morad Abdelrasheed (Further updates soon)