This is a modified version of "CVE-2024-21887 Exploit Tool" , a robust tool for detecting and exploiting the CVE-2024-21887 vulnerability in Ivanti Connect and Policy Secure systems. New Bulk scanning feature was added.
CVE-2024-21887 is a critical command injection vulnerability, allowing authenticated admins to execute arbitrary commands. This tool aids in identifying and interacting with affected systems.
- Single URL Scan: Pinpoint focus on a single target.
- Bulk Scanning: Analyze multiple URLs from a file.
- Bulk IP Scanning: Analyze multiple IPs from user's input.
- Thread Control: Customize concurrent scanning with thread options.
- Output Logging: Save identified vulnerable URLs to a file.
- Install dependencies:
pip install -r requirements.txt
- Run the tool:
- Single URL:
python exploit.py -u <URL>
- Bulk scan:
python exploit.py -f <file-path>
- Bulk IP scan:
python exploit.py -ip IP-Range
- With threads:
python exploit.py -f <file-path> -t <number-of-threads>
- Save output:
python exploit.py -f <file-path> -o <output-file-path>
- Single URL: