Add webui_wsma_https as an endpoint

smokeintheshell / CVE-2023-20198

CVE-2023-20198 Exploit PoC

38 stars 6 forks source link

Add webui_wsma_https as an endpoint #1

Open dswhite42 opened 9 months ago

dswhite42 commented 9 months ago

Thanks for making this very helpful tool. In addition to fetching:

http://{IP}/%2577eb%2575i_%2577sma_http

could you also add support for

https://{IP}/%2577eb%2575i_%2577sma_https

since that is also a valid endpoint where the vulnerability may be found (source: https://www.catonetworks.com/blog/cisco-ios-xe-privilege-escalation-cve-2023-20198/ and also testing on my own equipment).

Thanks again.

smokeintheshell commented 9 months ago

Thanks for the suggestion. I don't have means to test this right now, but can you verify whether this endpoint is accessible over http and vice versa with the http endpoint being accessible over https?

dswhite42 commented 9 months ago

I'm not certain. To be sure, I'd suggest testing both iterations of the endpoint regardless of whether you're testing HTTP or HTTPS.