Web Server Vulnerability: A Quick CVE-2023-44487 Scan

by do son · October 11, 2023

Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487.

This tool checks to see if a website is vulnerable to CVE-2023-44487 completely non-invasively.

The tool checks if a web server accepts HTTP/2 requests without downgrading them
If the web server accepts and does not downgrade HTTP/2 requests the tool attempts to open a connection stream and subsequently reset it
If the web server accepts the creation and resetting of a connection stream then the server is definitely vulnerable, if it only accepts HTTP/2 requests but the stream connection fails it may be vulnerable if the server-side capabilities are enabled.

Download

git clone https://github.com/bcdannyboy/CVE-2023-44487.git

To run,

$ python3 -m pip install -r requirements.txt

$ python cve202344487.py -i input_urls.txt -o output_results.csv

You can also specify an HTTP proxy to proxy all the requests through with the –proxy flag

$ python cve202344487.py -i input_urls.txt -o output_results.csv –proxy http://proxysite.com:1234

The script outputs a CSV file with the following columns

Timestamp: a timestamp of the request
Source Internal IP: The internal IP address of the host sending the HTTP requests
Source External IP: The external IP address of the host sending the HTTP requests
URL: The URL being scanned
Vulnerability Status: “VULNERABLE”/”LIKELY”/”POSSIBLE”/”SAFE”/”ERROR”
Error/Downgrade Version: The error or the version the HTTP server downgrades the request to