Help
CodeShare
Have some code. Share some code.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747

Niels_van_Sluis
MVP
MVP

on ‎02-Nov-2023 09:27

Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’.

Short Description

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747

Problem solved by this Code Snippet

This script can help to determine if a F5 BIG-IP is vulernable to K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747. 

How to use this Code Snippet

Download the script and run it with Python 3. This script takes as input the F5 BIG-IP management IP-adres.

$ ./test_cve-2023-46747.py 10.23.92.6
Connecting to 10.23.92.6:443.
Connected to 10.23.92.6:443.
Send HTTP-request trying to add an account.
Try to login with new account.
Login successful.
Server 10.23.92.6 is vulnerable to CVE-2023-46747.
$

Code Snippet Meta Information

  1. Version: 0.1
  2. Coding Language: Python

Full Code Snippet

https://github.com/nvansluis/test_cve-2023-46747 

Labels:
Comments
Nikoolayy1
MVP
MVP
‎27-Nov-2023 04:38

Nice! I see that you used the sockets python library as the requests or http.client libraries are good for HTTP API requests but not so much for HTTP attacks as they have constraints like not allowing multiple Host headers etc.

0 Kudos
Niels_van_Sluis
MVP
MVP
‎29-Nov-2023 02:25

Thanks! You're right, I had to use the socket library to be able to send raw HTTP commands that are not RFC-compliant. 

0 Kudos
Version history
Last update:
‎02-Nov-2023 09:27
Updated by:
MVP
Contributors
Copyright © 2023 Khoros, LLC