POC details: c3557d0f851b6ee178e3e761d25b65313c2f7b55

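Source
Related vulnerability
Title: Next.js security vulnerability (CVE-2024-46982)
Description: Next.js is a React framework open-sourced by Vercel. Next.js versions from 13.5.1 up to, but not including, 14.2.10 contain a security vulnerability. By sending a crafted HTTP request, an attacker can exploit this vulnerability to poison the cache of non-dynamic server-side rendered routes in the pages router.
Description
POC CVE-2024-46982
Introduction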
# Next.js Cache Poisoning Exploit

This Go script demonstrates a cache poisoning exploit targeting Next.js `_next/image` endpoints by manipulating cache keys and injecting attacker-controlled URLs.

## Features
- Copies a source image file multiple times.
- Generates crafted URLs pointing to an attacker's server.
- Automates sending requests to the vulnerable target endpoint.
- Cleans up temporary files after each iteration.
- Configurable via command-line options.

## Requirements
- Go 1.21 or newer.
- A publicly accessible server (e.g., using `ngrok`).

## Usage
Run the script with the following options:

```bash
go run main.go -s <source-image> -a <attacker-url> -t <target-url> -n <num-copies> -d <delay>
```

## Example

```bash
go run main.go -h 

Usage: exploit [OPTIONS]

Options:
  -s, --source-image  Path to the source image file
  -a, --attacker-url  Base URL of the attacker's server (required)
  -f, --file          Path to the file containing target URLs (one per line)
  -n, --num-copies    Number of image copies to create and upload (default: 5)
  -d, --delay         Delay between requests in seconds (default: 60)
  -h, --help          Show this help message and exit

Example:
  go run exploit.go -s chillguy.jpg -a http://attacker-ngrok-url -t https://victim-url.com -n 10 -d 30
```
File snapshot

[4.0K] /data/pocs/c3557d0f851b6ee178e3e761d25b65313c2f7b55
├── [ 80K] chill.jpg
├── [ 36] go.mod
├── [3.9K] main.go
└── [1.3K] README.md

0 directories, 4 files