cve-2023-42442

command module

v0.0.0-...-c2d60e0 Latest Latest Go to latest Published: Oct 31, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/c1ph3rx13/cve-2023-42442

Links

Open Source Insights

README ¶

CVE-2023-42442

CVE-2023-42442 JumpServer Session 录像任意下载漏洞

漏洞说明

CVE-2023-42442是一个组合洞，包含Jumpserver中的两个Bug

API未授权访问导致泄露session信息
目录权限绕过导致录像文件被下载

USAGE

Python Version

python CVE-2023-42442.py -h


     ██████╗██╗   ██╗███████╗    ██████╗  ██████╗ ██████╗ ██████╗       ██╗  ██╗██████╗ ██╗  ██╗██╗  ██╗██████╗
    ██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗╚════██╗╚════██╗      ██║  ██║╚════██╗██║  ██║██║  ██║╚════██╗
    ██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║ █████╔╝ █████╔╝█████╗███████║ █████╔╝███████║███████║ █████╔╝
    ██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║██╔═══╝  ╚═══██╗╚════╝╚════██║██╔═══╝ ╚════██║╚════██║██╔═══╝
    ╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝███████╗██████╔╝           ██║███████╗     ██║     ██║███████╗
     ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝ ╚══════╝╚═════╝            ╚═╝╚══════╝     ╚═╝     ╚═╝╚══════╝

        @Auth: C1ph3rX13
        @Blog: https://c1ph3rx13.github.io
        @Note: 代码仅供学习使用，请勿用于其他用途


usage: CVE-2023-42442.py [-h] -t TARGET

CVE-2023-42442 by C1ph3rX13.

options:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        target url

Go Version

Build

# 源码编译，暂时只支持Windows
go mod init CVE-2023-42442
go mod tidy
go build -ldflags="-s -w" -trimpath -o CVE-2023-42442.exe .\CVE-2023-42442.go

Run

.\CVE-2023-42442.exe -h


        ██████╗██╗   ██╗███████╗    ██████╗  ██████╗ ██████╗ ██████╗       ██╗  ██╗██████╗ ██╗  ██╗██╗  ██╗██████╗
        ██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗╚════██╗╚════██╗      ██║  ██║╚════██╗██║  ██║██║  ██║╚════██╗
        ██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║ █████╔╝ █████╔╝█████╗███████║ █████╔╝███████║███████║ █████╔╝
        ██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║██╔═══╝  ╚═══██╗╚════╝╚════██║██╔═══╝ ╚════██║╚════██║██╔═══╝
        ╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝███████╗██████╔╝           ██║███████╗     ██║     ██║███████╗
        ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝ ╚══════╝╚═════╝            ╚═╝╚══════╝     ╚═╝     ╚═╝╚══════╝

        @Auth: C1ph3rX13
        @Blog: https://c1ph3rx13.github.io
        @Note: 代码仅供学习使用，请勿用于其他用途

Usage of CVE-2023-42442.exe:
  -proxy string
        Proxy Url: http/https://IP:Port
  -t string
        Target Url

更新日志

2023-10-31 优化 Go Version，减少代码量

问题

httpx会自动化规范输入url的格式，即使是使用Writing custom transports
httpx wiki：https://www.python-httpx.org/advanced/#writing-custom-transports
requests则不会

参考

部分代码参考以下项目：

https://github.com/tarimoe/blackjump

免责声明

本工具仅面向拥有合法授权的渗透测试安全人员及进行常规操作的网络运维人员，用户可在取得足够合法授权且非商用的前提下进行下载、复制、传播或使用。
在使用本工具的过程中，您应确保自己的所有行为符合当地法律法规，且不得将此软件用于违反中国人民共和国相关法律的活动。本工具所有作者和贡献者不承担用户擅自使用本工具从事任何违法活动所产生的任何责任。

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

CVE-2023-42442.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL