MCPcopy Index your code
hub / github.com/bcdannyboy/CVE-2023-44487

github.com/bcdannyboy/CVE-2023-44487 @main

Chat with this repo
repository ↗ · DeepWiki ↗ · + Follow
4 symbols 24 edges 1 files 4 documented · 100%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

CVE-2023-44487

Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487

This tool checks to see if a website is vulnerable to CVE-2023-44487 completely non-invasively.

  1. The tool checks if a web server accepts HTTP/2 requests without downgrading them
  2. If the web server accepts and does not downgrade HTTP/2 requests the tool attempts to open a connection stream and subsequently reset it
  3. If the web server accepts the creation and resetting of a connection stream then the server is definitely vulnerable, if it only accepts HTTP/2 requests but the stream connection fails it may be vulnerable if the server-side capabilities are enabled.

To run,

$ python3 -m pip install -r requirements.txt

$ python3 cve202344487.py -i input_urls.txt -o output_results.csv

You can also specify an HTTP proxy to proxy all the requests through with the --proxy flag

$ python3 cve202344487.py -i input_urls.txt -o output_results.csv --proxy http://proxysite.com:1234

The script outputs a CSV file with the following columns

  • Timestamp: a timestamp of the request
  • Source Internal IP: The internal IP address of the host sending the HTTP requests
  • Source External IP: The external IP address of the host sending the HTTP requests
  • URL: The URL being scanned
  • Vulnerability Status: "VULNERABLE"/"LIKELY"/"POSSIBLE"/"SAFE"/"ERROR"
  • Error/Downgrade Version: The error or the version the HTTP server downgrades the request to

Note: "Vulnerable" in this context means that it is confirmed that an attacker can reset the a stream connection without issue, it does not take into account implementation-specific or volume-based detections

Dockerized

Build

$ docker build -t py-cve-2023-44487 .

Run:

$ docker run --rm -v /path/to/urls:/shared py-cve-2023-44487 -i /shared/input_urls.txt -o /shared/output_results.csv

Core symbols most depended-on inside this repo

get_source_ips
called by 1
cve202344487.py
check_http2_support
called by 1
cve202344487.py
send_rst_stream_h2
called by 1
cve202344487.py
extract_hostname_port_uri
called by 1
cve202344487.py

Shape

Function 4

Languages

Python100%

Modules by API surface

cve202344487.py4 symbols

For agents

$ claude mcp add CVE-2023-44487 \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact