CVE-2023-38646 PoC — Metabase 安全漏洞

Source

https://github.com/lazysec0x21/CVE-2023-38646

Associated Vulnerability

Title:Metabase 安全漏洞 (CVE-2023-38646)
Description:Metabase是美国Metabase公司的一个开源数据分析平台。 Metabase 0.46.6.1之前版本和Metabase Enterprise 1.46.6.1之前版本存在安全漏洞，该漏洞源于允许攻击者以运行该服务的权限在服务器上执行任意命令。

Description

Tools to exploit metabase CVE-2023-38646

Readme

# Poc-Metabase-Preauth-CVE-2023-38646

Ho to use?
```
λ  cve git clone https://github.com/LazyySec/CVE-2023-38646.git
λ  cve cd Poc-Metabase-Preauth-CVE-2023-38646
λ  Poc-Metabase-Preauth-CVE-2023-38646 git:(main) go build CVE-2023-38646-Exploit.go
λ  Poc-Metabase-Preauth-CVE-2023-38646 git:(main) ✗ go build Reverse-Shell.go
λ  Poc-Metabase-Preauth-CVE-2023-38646 git:(main) ✗ ./CVE-2023-38646-Exploit --help
Usage of ./CVE-2023-38646-Exploit:
  -ip string
    	IP address
  -list string
    	Filename containing list of IP addresses

λ  Poc-Metabase-Preauth-CVE-2023-38646 git:(main) ✗ ./Reverse-Shell --help
Usage of ./Reverse-Shell:
  -lhost string
    	Listener IP address
  -lport int
    	Listener port (default is 4444) (default 4444)
  -rhost string
    	Metabase server IP address (including http:// or https:// and port number if needed)
```
Enjoy :)

File Snapshot


 [4.0K]  /data/pocs/3ddcf0648e956bd86806980e8f383741505f83f3
├── [2.1K]  CVE-2023-38646.go
├── [4.4K]  CVE-2023-38646-Reverse-Shell.go
├── [ 875]  README.md
└── [114K]  Screen Shot 2023-07-31 at 12.39.47.png

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!