CVE-2020-24815 PoC — Microstrategy 代码问题漏洞

Source

https://github.com/darkvirus-7x/exploit-CVE-2020-24815

Associated Vulnerability

Title:Microstrategy 代码问题漏洞 (CVE-2020-24815)
Description:Microstrategy是美国Microstrategy公司的一套业务分析和移动平台。 MicroStrategy 10.4 版本存在代码问题漏洞，该漏洞允许经过身份验证的用户访问内部网络资源的内容或通过嵌入在档案仪表板文档中的HTML容器从本地系统泄漏文件。

Readme

# exploit-CVE-2020-24815.py
this is my first exploit for CVE-2020-24815



<img width="450px" alt="Screenshot 2023-03-18 225341" src="https://user-images.githubusercontent.com/111196316/226142334-ded6f12f-5ac6-4fa0-bc3e-f4acd8752aca.png">

<div style="font-weight:700">put the POST path after url !!!!<br>Example:<br><img src="https://user-images.githubusercontent.com/111196316/226142885-244a3b8a-75b5-447f-b655-a33bf935b41d.png">
</div>

if the script not work change the cookie on script
```bash
  $ -> pip install -r requirements.txt
```
fix probleme pdftotext not installed:
``` 
  $ -> sudo apt-get install build-essential libpoppler-cpp-dev pkg-config python3-dev
 ```

File Snapshot


 [4.0K]  /data/pocs/56f4a049d7c56eb665c5489c9dbb34ceec84a938
├── [1.1K]  exploit-CVE-2020-24815.py
├── [ 676]  README.md
└── [  27]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!