Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-24329 PoC — Python 输入验证错误漏洞

Source
https://github.com/H4R335HR/CVE-2023-24329-PoC
Associated Vulnerability
Title:Python 输入验证错误漏洞 (CVE-2023-24329)
Description:Python是Python基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。 Python 3.11之前版本存在输入验证错误漏洞,该漏洞源于允许攻击者通过提供以空白字符开头的URL来绕过黑名单。
Readme
# CVE-2023-24329-PoC

A short and inforamtional PoC on CVE-2023-24329: Python urllib parsing flaw.

```
git clone https://github.com/H4R335HR/CVE-2023-24329-PoC
cd CVE-2023-24329-PoC
python3 CVE-2023-24329-PoC.py
```
Based on research by Yebo Cao - https://pointernull.com/security/python-url-parse-problem.html
File Snapshot

 [4.0K]  /data/pocs/5ce98042966002a6b7be6e5367b72f46a2a10f6e
├── [2.5K]  CVE-2023-24329-PoC.py
├── [1.0K]  LICENSE
└── [ 312]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.