Share
## https://sploitus.com/exploit?id=1351A828-2BE1-53F7-87C5-D30F21011589
OpenMetadata_RCE (CVE-2024-28255)	Batch scan/exploit
<br>  
<br>
<br>
1.このツールはセキュリティテストのみに使用されており、違法な攻撃については責任を負いません.
<br>
2.The tool is only used for security testing, and I am not responsible for any illegal attacks.
<br>
3.工具仅用于安全测试,任何非法攻击本人概不负责.
<br>
<br>
<br>
Help

Need to modify the DNS address in line 9 of the code.

```
python3 CVE-2024-28255.py --help

   _______      ________    ___   ___ ___  _  _        ___   ___ ___  _____ _____
  / ____\ \    / /  ____|  |__ \ / _ \__ \| || |      |__ \ / _ \__ \| ____| ____|
 | |     \ \  / /| |__ ______ ) | | | | ) | || |_ ______ ) | (_) | ) | |__ | |__
 | |      \ \/ / |  __|______/ /| | | |/ /|__   _|______/ / > _ < / /|___ \|___ \
 | |____   \  /  | |____    / /_| |_| / /_   | |       / /_| (_) / /_ ___) |___) |
  \_____|   \/   |______|  |____|\___/____|  |_|      |____|\___/____|____/|____/


                                                        PowerBy:YongYe_Security


usage: CVE-2024-28255.py [-h] (-u TARGET | -f FILE) [-t THREADS]

Python3 CVE-2024-28255.py -f url.txt -t 50

options:
  -h, --help  show this help message and exit
  -u TARGET   target URL
  -f FILE     target File
  -t THREADS  number of threads
```
<br>
<br>
All scan results will be saved in result.txt.
<br>
![image](https://github.com/YongYe-Security/CVE-2024-28255/blob/main/24_11-4-57-12-11-45.png)
<br>
<br>
The scanning results may not be accurate, for example: the target does not connect to the network, or the command does not exist.
<br>
![image](https://github.com/YongYe-Security/CVE-2024-28255/blob/main/24_12-4-2-12-01-704.png)