PAN-OS Firewall Exploit Script

This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands.

Note: Please ensure that you only use this script for legal and ethical purposes, and only on machines that you have permission to test on.

Usage

To use this project, follow these steps:

1. Clone this repo:

   git clone https://github.com/DrewskyDev/CVE-2024-3400
   
   

2. Change directory to the repo:

   cd CVE-2024-3400
   
   

3. Install the required modules:

   pip install -r requirements.txt
   
   

4. Run the python script.

   python3 PoC.py
   
   

Follow the prompts to enter the IP address of the vulnerable PAN-OS firewall and the payload to execute. Optionally, enter 'q' to quit the script.

References

• https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/
• https://security.paloaltonetworks.com/CVE-2024-3400