This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
HeikoAnkenbrand
Champion Champion
Champion
‎2024-06-04 03:22 AM

ONELINER - Password Bulk Operation (CVE-2024-24919)

These three oneliners allow you to reset the passwords of all users in the SmartConsole or to restrict access of all users.

Important!

If you run this onliner on the Smart Center Server, all users settings will be changed accordingly.
You should therefore back up the management server first. More read here:
- sk108902: Best Practices - Backup on Gaia OS (I would recommend a snapshot or a migrate server export of the SMS.)


         Set all users to ‘undefined’


This onliner sets all users defined in the SmartConsole under ‘User’ to ‘undefined’ as bulk operation.
This means that users can no longer log in using their username and password.

undef_bulk_54354345.jpg

1) Execute this oneliner on SMS

 

clear; echo -e "CVE-2024-24919 password bulk operation by Heiko Ankenbrand 2024\n\n";mgmt_cli -r true show users details-level "full" limit 500 offset 0 | grep name | grep -v SMC | awk '{split($0,a," "); print a[2]}' |sed 's/\"//g' |sed 's/\n//' | tr -d '\r'  |awk '$test=$0;{system("echo -n $test")}' >user.txt ; for i in $(cat user.txt); do   test1=" ende"; test="mgmt_cli -r true set user name \""${i}"\" authentication-method \"undefined\""; echo -e "\n\n${test}";$test; done;

 

2) Install the policy in the SmartConsole after you have run this onliner


         Set all user to the same password


This onliner sets all users defined in the SmartConsole under ‘User’ to default password as bulk operation.
This means that all users then have the password they have set.
undef_bulk_2_432423423.jpg

1) Execute this oneliner on SMS

 

clear; echo -e "CVE-2024-24919 password bulk operation by Heiko Ankenbrand 2024\n\n";read -p "Default password for all user (max. 8 characters): " pass;mgmt_cli -r true show users details-level "full" limit 500 offset 0 | grep name | grep -v SMC | awk '{split($0,a," "); print a[2]}' |sed 's/\"//g' |sed 's/\n//' | tr -d '\r'  |awk '$test=$0;{system("echo -n $test")}' >user.txt ; for i in $(cat user.txt); do   test1=" ende"; test="'mgmt_cli -r true set user name \""${i}"\" authentication-method \"check point password\" password \""${pass}"\"'"; test=${test//\'}; echo -e "\n\n${test}"; echo $test |awk '{system($0)}'; done;

 

2) Install the policy in the SmartConsole after you have run this onliner


     Set all users to random passwords

 

This onliner sets all users defined in the SmartConsole under ‘User’ to random password as bulk operation.
This means that all users are set to a ‘random’ password. An overview of the set passwords is shown in the file pass.txt. 

undef_bulk_3_43765356.jpg


1) Execute this oneliner on SMS

 

clear; echo "" > pass.txt; echo -e "CVE-2024-24919 password bulk operation by Heiko Ankenbrand 2024\n\n";mgmt_cli -r true show users details-level "full" limit 500 offset 0| grep name | grep -v SMC | awk '{split($0,a," "); print a[2]}' |sed 's/\"//g' |sed 's/\n//' | tr -d '\r'  |awk '$test=$0;{system("echo -n $test")}' >user.txt ; for i in $(cat user.txt); do pass=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 8;); test="'mgmt_cli -r true set user name \""${i}"\" authentication-method \"check point password\" password \""${pass}"\"'"; test=${test//\'}; echo -e "\n\n${test}"; echo $test |awk '{system($0)}'; echo "${i} ${pass}" >> pass.txt;  done; echo -e "\n\nYou can find the users with the randomly set passwords in the following file: pass.txt \n\nUser   Password\n-------------------------------"; more pass.txt;

 

2) Install the policy in the SmartConsole after you have run this onliner


➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
3 Replies
GHOST
Participant
‎2024-06-04 12:29 PM

Very helpful oneliner to change passwords quickly and easily.
Thanks @HeikoAnkenbrand 

0 Kudos
GHaider
Contributor
‎2024-06-06 04:19 AM

thanks for the script just tested the 3rd one, but it only works for the first 50 users...to make it work for 500 you have to add:

mgmt_cli -r true show users details-level "full" limit 500 offset 0

and for the next 500 users:

mgmt_cli -r true show users details-level "full" limit 500 offset 500

hope this helps... 

HeikoAnkenbrand
Champion Champion
Champion
‎2024-06-08 09:25 AM
In response to GHaider

@GHaider Thanks for this tip. I have added the following to the oneliner ‘limit 500 offset 0’.

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events