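PoC details: e592812a4dafb7485977abeefc13dc747f95f8b1

Source
Related vulnerability
Title: Ghost Foundation Ghost link following vulnerability (CVE-2023-40028)
Description: Ghost Foundation Ghost is an open-source personal blogging system written in JavaScript. Ghost versions before 5.59.1 contain a link following vulnerability, which stems from allowing authenticated users to upload symbolic link files. An attacker can exploit this vulnerability to read arbitrary files.
Introduction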
# CVE-2023-40028 Exploit

This script exploits a vulnerability in Ghost CMS, allowing arbitrary file read through symbolic link abuse.

# Features

- Creates a symlink to the target file
- Compresses the payload into a ZIP file
- Uploads the ZIP file via the Ghost API
- Reads the file through an accessible image URL
- Cleans up after execution
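
The steps above depend on an uploaded ZIP carrying an entry that is stored as a symbolic link. The following check, added here as an example (it is not part of this README's script and not Ghost's own code), shows how a receiving application can detect such entries before extracting anything; the function names and the 4096-byte cap are assumptions made for the example.

```python
import io
import stat
import sys
import zipfile

MAX_TARGET_BYTES = 4096  # assumed cap; a link target is a short path


def find_symlink_entries(zip_bytes):
    """Return [(entry_name, link_target)] for ZIP entries stored as symlinks."""
    found = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Archivers on Unix put st_mode in the upper 16 bits of external_attr.
            mode = (info.external_attr >> 16) & 0xFFFF
            if not stat.S_ISLNK(mode):
                continue
            # A symlink entry stores the link target path as its file data.
            if info.file_size <= MAX_TARGET_BYTES:
                target = zf.read(info).decode("utf-8", "replace")
            else:
                target = "<oversized>"
            found.append((info.filename, target))
    return found


def validate_upload(zip_bytes):
    """Raise ValueError if the archive must be rejected before extraction."""
    links = find_symlink_entries(zip_bytes)
    if links:
        names = ", ".join(name for name, _ in links)
        raise ValueError("archive contains symbolic link entries: " + names)
    return True


if __name__ == "__main__":
    # Report symlink entries in each archive named on the command line.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for name, target in find_symlink_entries(fh.read()):
                print(f"{path}: {name} -> {target}")
```

The mode bits are only meaningful for archives produced on Unix-like systems, so this check complements, rather than replaces, refusing to follow links when extracted files are served.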

# Usage

```
python3 exploit.py -u <username> -p <password>
```

Once the shell starts, enter the full file path you want to read (without spaces) and hit enter.
To exit, type exit.

# Requirements

- Python 3.x
- `requests` module

# Disclaimer

This script is for educational and authorized security research purposes only. Do not use it on systems you do not own or have explicit permission to test.

# License

This project is licensed under the MIT License - see the LICENSE file for details.
File snapshot

[4.0K] /data/pocs/e592812a4dafb7485977abeefc13dc747f95f8b1
├── [3.4K] exploit.py
├── [1.0K] LICENSE
└── [ 839] README.md

0 directories, 3 files