Related vulnerability
Description
This script is specifically designed to solve the challenge on PentesterLab for the CVE-2013-0156 exploit
Introduction
# Original Script Reference
This script is a Python port of postmodern's original Ruby exploit; for the original see the gist [CVE-2013-0156](https://gist.github.com/postmodern/4499206).
# CVE-2013-0156 Exploit Script
This script is specifically designed to solve the challenge on **PentesterLab** for the CVE-2013-0156 exploit. You can access the challenge here: [PentesterLab - CVE-2013-0156 Challenge](https://pentesterlab.com/exercises/cve-2013-0156).
This Python script exploits **CVE-2013-0156**, a critical **remote code execution (RCE)** vulnerability in Ruby on Rails. The bug is not in YAML handling as such but in the XML parameter parser: when a request body is parsed as XML, an element carrying a `type="yaml"` attribute has its text handed to `YAML.load`, and a `type="symbol"` attribute converts attacker-controlled text into a Ruby symbol. Because Ruby's YAML loader instantiates arbitrary tagged Ruby objects (`!ruby/object:...`), an attacker who can send an XML request to any Rails route reaches `YAML.load` with a crafted document and obtains code execution on the server, with no authentication required.
## Features
- **Payload Injection**: The script sends the supplied YAML document wrapped in an XML element with `type="yaml"`, using an `application/xml` Content-Type so that vulnerable Rails applications (2.x and 3.x) route the body through the XML parameter parser.
- **Customizable Target Version**: Lets you state whether the target runs Rails 2.x or 3.x, which selects the payload format used for that major version.
- **Formatted Output**: The script presents a well-structured and visually appealing output with color-coded request and response details, making it easy to track the exploit's status and response.
- **Success Notification**: Upon successful exploitation, the script notifies the user that the exploit has been executed successfully.
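The XML envelope described in the vulnerability paragraph and the "Payload Injection" feature, together with the matching detection check a defender would want, as an added example in Python. This is not the repository's `cve-2013-0156.py` and not postmodern's gist; the element name `exploit`, the helper names, and the sample YAML body are illustrative assumptions. Only the two `type` values (`yaml` and `symbol`) are the real trigger, and the sample YAML is a harmless document that only shows the wrapping, not a code-execution payload.

```python
"""Added example (not the project's own code): build the XML envelope that
CVE-2013-0156 abuses, and flag request bodies that contain it."""
import re
import xml.etree.ElementTree as ET

# Element types that unpatched Rails XmlMini parsers hand to YAML.load or
# String#to_sym. These two names are the actual trigger; everything else in
# this file (element name, sample body) is an illustrative assumption.
DANGEROUS_TYPES = ("yaml", "symbol")

# Constructed, harmless YAML body: it proves the text reaches the YAML loader
# but instantiates nothing dangerous. A real payload goes in its place.
SAMPLE_YAML = "--- !ruby/object:Object {}\n"


def build_xml_payload(yaml_doc: str, element: str = "exploit") -> str:
    """Wrap a YAML document in an XML element that declares type="yaml".

    A vulnerable Rails app parses the body with XmlMini when the request's
    Content-Type is application/xml; because the element says type="yaml",
    the element text is passed to YAML.load. This function only wraps the
    document the caller supplies.
    """
    # Escape XML metacharacters so the YAML survives XML parsing verbatim.
    escaped = (yaml_doc.replace("&", "&amp;")
                       .replace("<", "&lt;")
                       .replace(">", "&gt;"))
    return ('<?xml version="1.0" encoding="UTF-8"?>\n'
            f'<{element} type="yaml">{escaped}</{element}>\n')


def request_headers() -> dict:
    """Headers that make Rails select the XML parameter parser for the body."""
    return {"Content-Type": "application/xml",
            "Accept": "application/xml"}


def find_dangerous_types(xml_body: str) -> list:
    """Return (element, type) pairs whose type attribute would reach YAML.load
    or symbol conversion.

    Meant for a WAF rule, an IDS signature, or reviewing captured request
    logs. It walks every element of a well-formed body and, because an
    attacker may send deliberately broken XML, falls back to a regex scan
    when parsing fails.
    """
    hits = []
    try:
        root = ET.fromstring(xml_body)
        for el in root.iter():
            t = el.get("type")
            if t is not None and t.lower() in DANGEROUS_TYPES:
                hits.append((el.tag, t))
    except ET.ParseError:
        pattern = r'<\s*([\w:.-]+)[^>]*\btype\s*=\s*["\'](yaml|symbol)["\']'
        for m in re.finditer(pattern, xml_body, re.IGNORECASE):
            hits.append((m.group(1), m.group(2)))
    return hits


if __name__ == "__main__":
    body = build_xml_payload(SAMPLE_YAML)
    print(request_headers())
    print(body)
    print("flagged:", find_dangerous_types(body))
```

The same `find_dangerous_types` check run over an ordinary XML request (for example `<user><name>bob</name></user>`) returns an empty list, so it can sit in front of a Rails 2.x/3.x application as a stop-gap until the parser fix is applied.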
## Usage
### Installation
Make sure you have the required Python packages installed by running:
```bash
pip install requests colorama pyyaml
```
### Running the Script
```bash
python exploit.py <URL> <PAYLOAD> [rails3|rails2] [--show]
```
### Example
```bash
python exploit.py http://example.com/payload example_payload rails3 --show
```
------
## Example Output
Upon successful execution, the script displays color-coded output with the following sections:
- **Request**: Shows the URL, headers, and the XML payload being sent.
- **Response**: Displays the status code and the response body (truncated for large responses).
- **Success/Failure Notification**: Tells you whether the exploit succeeded or an error occurred.
## Important Notes
- **Use Responsibly**: This script is intended for educational purposes and should only be used against systems you have permission to test. Unauthorized exploitation of this vulnerability is illegal and unethical.
- **Rails Versions**: The script supports Rails 3.x and 2.x. Confirm the target is running a vulnerable release before attempting the exploit: the fix shipped in Rails 2.3.15, 3.0.19, 3.1.10 and 3.2.11, so anything older in those lines is affected. Applications that applied the advisory's workaround (removing the `yaml` and `symbol` entries from `ActiveSupport::XmlMini::PARSING`, or disabling the XML parameter parser) are not exploitable even on an old version, so a non-200 response or an unchanged target does not by itself indicate success or failure.
File snapshot
[4.0K] /data/pocs/c132e75ede117f97fdbb4f24ed985887e57c11f8
├── [5.8K] cve-2013-0156.py
└── [2.5K] README.md
0 directories, 2 files
Notes
1. Prefer accessing the code through the original source.
2. If the source has been removed or is unreachable, email f.jinxu#gmail.com (replace # with @) to request the local snapshot.
3. Shenlong has taken a snapshot of the POC code for you; to support long-term maintenance, please consider paying for the local POC. Thank you for your support.