# Proof of Concept script for CVE-2024-20767

## Overview
`get-the-files.py` is a Python script that exploits a vulnerability in Adobe ColdFusion servers (CVE-2024-20767) to read arbitrary files from the server. The script is based on the method outlined at https://jeva.cc/2973.html.

## Disclaimer
This script is provided for educational purposes only. Unauthorized testing of servers, exploiting vulnerabilities without permission, and accessing or disclosing private data without consent are illegal and unethical activities. By using this script, you agree to do so within the bounds of the law and ethical guidelines. The author or contributors are not responsible for any misuse or damage caused by this script.

## Prerequisites
+ Python 3.x
+ `requests` library

## Installation

Before running the script, ensure you have Python 3.x installed on your system. You can download Python from the official website: https://www.python.org/downloads/.

To install the required `requests` library, run the following command:

```
pip install requests
```

## Usage

The script can be executed from the command line by providing the necessary arguments.

```
python get-the-files.py --endpoints <URLs> --port <PORT> --command <FILE_PATH>
```

### Arguments
+ `-e` or `--endpoints`: Target Adobe ColdFusion server URL(s). This argument is required and accepts multiple URLs separated by spaces.
+ `-p` or `--port`: Target server port. This argument is optional and defaults to `8500` if not provided.
+ `-c` or `--command`: The file path to read from the server. This argument is required.

### Example
```
python get-the-files.py --endpoints example.com another-example.com --port 8500 --command "/etc/passwd"
```

## Affected versions
ColdFusion servers with the Performance Monitoring Toolset enabled (and reachable via the `/pms` path) running the following versions are vulnerable:
+ ColdFusion 2023.6
+ ColdFusion 2021.12
+ Earlier versions
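Because exposure depends on the Performance Monitoring Toolset path `/pms` being reachable, the first question a defender will ask is which hosts have been requesting it. The script below is an added example for that triage, not code from this repository: it parses web-server access logs in the common "combined" format and reports every request to `/pms` from a host outside an allow-list of known monitoring systems. The log lines and the allow-list are constructed for the example, and the allow-list name `TRUSTED_MONITORING_HOSTS` is an assumption; the check does not depend on the exact request shape the exploit uses, only on the `/pms` path prefix named above.

```python
import re
from collections import Counter

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:10:01:02 +0000] "GET /pms/ HTTP/1.1" 200 512 "-" "python-requests/2.31.0"
198.51.100.7 - - [10/Mar/2024:10:01:03 +0000] "GET /cfide/index.cfm HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2024:10:01:04 +0000] "GET /pms/api/info?x=1 HTTP/1.1" 200 256 "-" "python-requests/2.31.0"
10.0.0.4 - - [10/Mar/2024:10:05:00 +0000] "GET /pms/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Hosts that are expected to reach the Performance Monitoring Toolset
# (assumed allow-list for this example; populate from your own inventory).
TRUSTED_MONITORING_HOSTS = {"10.0.0.4"}

# One combined-format line: ip ident user [ts] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_pms_request(path):
    """True if the request targets the /pms toolset (query string ignored)."""
    bare = path.split("?", 1)[0]
    return bare == "/pms" or bare.startswith("/pms/")


def find_pms_hits(log_text, trusted=TRUSTED_MONITORING_HOSTS):
    """Return parsed records for /pms requests from hosts outside the allow-list."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_pms_request(rec["path"]):
            continue
        if rec["ip"] in trusted:
            continue
        hits.append(rec)
    return hits


def summarize(hits):
    """Count untrusted /pms requests per source address."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    found = find_pms_hits(SAMPLE_LOG)
    for h in found:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["path"]} {h["status"]} "{h["ua"]}"')
    for ip, n in summarize(found).most_common():
        print(f"{ip}: {n} untrusted /pms request(s)")
```

Run it against a real log by replacing `SAMPLE_LOG` with the file contents; a non-empty result means the toolset is reachable from hosts that should not see it, which is the exposure the affected-versions note above describes. Restricting `/pms` to the allow-listed hosts at the web server or firewall removes that exposure independently of patching.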

## License
This script is released under the MIT License. See the LICENSE file for more details.

## Contact
For any questions or concerns regarding this script, please open an issue on the GitHub repository.