Skip to content

CVE-2024-2997 URL Vulnerability Scanner Released on GitHub

Link: https://github.com/lfillaz/CVE-2024-2997

Features

  • Generates a wide range of URLs based on a base URL.
  • Scans URLs for a specific command injection vulnerability.
  • Uses multithreading for faster scanning.
  • Displays results in a color-coded format.
  • Saves vulnerable URLs to a file for future reference.
  • Allows resuming scans from a previous session.

Requirements

  • Python 3.x
  • requests
  • colorama

You can install the required libraries using pip:

pip install requests colorama

Usage

  1. Clone the repository:

git clone https://github.com/yourusername/CVE-2024-2997.git
cd CVE-2024-2997

  1. Run the script:

python CVE-2024-2997.py

  1. Follow the on-screen instructions to input the base URL and start the scan.

How It Works

  1. The script prints an ASCII art banner and starts the scanning process.
  2. It checks if a previous session file scope.txt exists:
    • If it exists, the user can choose to continue scanning the URLs from the previous session or start a new session.
    • If it doesn't exist, a new session is started.
  3. The user inputs the base URL.
  4. The script generates a wide range of URLs based on the base URL.
  5. The user is prompted to start the scan.
  6. The script scans each URL for the command injection vulnerability, displaying the results in a color-coded format:
    • Vulnerable URLs are displayed in red.
    • Safe URLs are displayed in green.
  7. Results are saved to sus.txt.

Latest