CVE-2008-2019 PoC — SMF Audio CAPTCHA 安全绕过漏洞

Source

https://github.com/TheRook/AudioCaptchaBypass-CVE-2008-2019

Associated Vulnerability

Title:SMF Audio CAPTCHA 安全绕过漏洞 (CVE-2008-2019)
Description:Simple Machines Forum (SMF)1.1.4, 可能依赖 "随机产生的静态数值"来阻碍在WAV file (又称 audio) CAPTCHA上的强力攻击,远程攻击者通过把加重平均也考虑了的一个自动化攻击来绕过CAPTCHA测试。

File Snapshot


 [4.0K]  /data/pocs/73ad2ba44cac20ebc2a7b42d1e612f75b0917b27
├── [9.3K]  a.wav
├── [2.0K]  gen_sound.php
├── [2.1K]  index.php
├── [ 11K]  math.php
├── [1.7K]  README.txt
└── [4.0K]  sound
    ├── [3.8K]  a.english.wav
    ├── [4.6K]  b.english.wav
    ├── [4.4K]  c.english.wav
    ├── [4.4K]  d.english.wav
    ├── [3.9K]  e.english.wav
    ├── [3.9K]  f.english.wav
    ├── [5.0K]  g.english.wav
    ├── [4.5K]  h.english.wav
    ├── [3.9K]  i.english.wav
    ├── [5.5K]  j.english.wav
    ├── [5.3K]  k.english.wav
    ├── [4.0K]  l.english.wav
    ├── [3.9K]  m.english.wav
    ├── [3.6K]  n.english.wav
    ├── [3.7K]  o.english.wav
    ├── [3.4K]  p.english.wav
    ├── [4.5K]  q.english.wav
    ├── [4.1K]  r.english.wav
    ├── [4.0K]  s.english.wav
    ├── [4.3K]  t.english.wav
    ├── [4.3K]  u.english.wav
    ├── [5.2K]  v.english.wav
    ├── [6.8K]  w.english.wav
    ├── [4.3K]  x.english.wav
    ├── [5.1K]  y.english.wav
    └── [5.2K]  z.english.wav

1 directory, 31 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2008-2019 PoC — SMF Audio CAPTCHA 安全绕过漏洞

Source

Associated Vulnerability

File Snapshot

Remarks