CVE-2022-36663 PoC — Gluu 代码问题漏洞

Source

https://github.com/aqeisi/CVE-2022-36663-PoC

Associated Vulnerability

Title:Gluu 代码问题漏洞 (CVE-2022-36663)
Description:Gluu是美国Gluu组织的一个云托管身份平台。 Gluu Oxauth v4.4.1之前版本存在安全漏洞，攻击者利用该漏洞可以通过精心设计的 request_uri 参数执行服务器端请求伪造（SSRF）攻击。

Description

Internal network scanner through Gluu IAM blind ssrf

Readme

# CVE-2022-36663-PoC
Internal network scanner through Gluu IAM blind ssrf

Gluu IAM is vulnerable to blind SSRF which can be exploited to scan the internal network for open ports depending on response times.

https://nvd.nist.gov/vuln/detail/CVE-2022-36663

To check if the target is vulnerable, add `&request_uri=http://burpcollab` to the `/oxauth/restv1/authorize` request and poll for incoming traffic from the target server.
# Usage

```python3 CVE-2022-36663.py --url https://target --ip 10.10.10.10 --port 8080 --ar '/oxauth/restv1/authorize?client_id=<clientID>&redirect_uri=https://target.com/return.html&response_type=code&scope=openid+profile+email+user_name&nonce=<nonce>&acr_values=simple_password_auth&request_uri='```

Url - the Gluu IAM server url

IP - The internal Ip address or subnet that you want to scan

Port - The internal port you want to scan

AR - The authorization request URL ending with an empty request_uri

![image](https://user-images.githubusercontent.com/84850150/197365625-d929cc4f-a87a-4f91-99c8-dd32decad1fb.png)

File Snapshot


 [4.0K]  /data/pocs/6d625e96da68cccf9e2af958321a2dd6e2dc04f7
├── [2.8K]  CVE-2022-36663.py
├── [ 150]  index.html
└── [1.0K]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!