CVE-2023-29923 PoC — PowerJob 安全漏洞

Source

https://github.com/1820112015/CVE-2023-29923

Associated Vulnerability

Title:PowerJob 安全漏洞 (CVE-2023-29923)
Description:PowerJob是一个开源分布式计算和作业调度框架，它允许开发人员在自己的应用程序中轻松调度任务。 PowerJob V4.3.1版本存在安全漏洞，该漏洞源于存在不安全权限。

Description

CVE-2023-29922 Batch detection script

Readme

# #CVE-2023-29923

1、准备一个url.txt，例如：

<img width="745" alt="image" src="https://github.com/1820112015/CVE-2023-29923/blob/6345c95d8e46be1653feec6860741662fe8e75e9/images/b67dfbeb-1b30-4d77-815d-c0aade854517.png">

2、执行 `python CVE-2023-29923.py -f url.txt`

<img width="745" alt="image" src="https://github.com/1820112015/CVE-2023-29923/blob/6345c95d8e46be1653feec6860741662fe8e75e9/images/8424b5a0-7815-4973-bf7d-e6e0f2632cd2.png">
<img width="745" alt="image" src="https://github.com/1820112015/CVE-2023-29923/blob/6345c95d8e46be1653feec6860741662fe8e75e9/images/2e359fde-08ef-47ef-ad89-ee022d7de180.png">

3、检测出有未授权访问漏洞的资产都会保存在同目录result.txt 文件中

<img width="745" alt="image" src="https://github.com/1820112015/CVE-2023-29923/blob/6345c95d8e46be1653feec6860741662fe8e75e9/images/2ebc74de-3f9c-4614-8ccf-e8f67336fb37.png">

File Snapshot


 [4.0K]  /data/pocs/6b8d786e23c8541468daeb387997f2d69f684e3c
├── [1.5K]  CVE-2023-29923.py
├── [4.0K]  images
│   ├── [102K]  2e359fde-08ef-47ef-ad89-ee022d7de180.png
│   ├── [141K]  2ebc74de-3f9c-4614-8ccf-e8f67336fb37.png
│   ├── [ 20K]  8424b5a0-7815-4973-bf7d-e6e0f2632cd2.png
│   └── [ 13K]  b67dfbeb-1b30-4d77-815d-c0aade854517.png
├── [ 919]  README.md
└── [  85]  url.txt

1 directory, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!