CVE-2022-35513 PoC — Blink1Control2 加密问题漏洞

Source

https://github.com/p1ckzi/CVE-2022-35513

Associated Vulnerability

Title:Blink1Control2 加密问题漏洞 (CVE-2022-35513)
Description:Blink1Control2是Tod Kurt个人开发者的一个桌面应用程序。用于控制和挂钩事件到 blink(1)。 Blink1Control2 2.2.7及之前版本存在安全漏洞，该漏洞源于使用弱密码加密和不安全的存储方法。

Description

CVE-2022-35513 | blink1-pass-decrypt

Readme

# blink1-pass-decrypt ⭐
poc and simple script designed for reversing the ciphertext found at /blink/input  
of the api server in blink1control2 installations (versions <=2.2.7).

## the exploit - CVE-2022-35513 ❗
the blink1control2 app utilises weak password encryption and an insecure method of storage which can be found by accessing the /blink1/input url
of the api server.  
password ciphertext for skype logins and email are listed and can be decrypted.

## prerequisites ✔
* node
* node argparse module
* node simplecrypt module
```
sudo apt install npm
npm install argparse
npm install simplecrypt
```

## usage ℹ
use `./blink1-pass-decrypt` or `node blink1-pass-decrypt` with `-h` or `--help` for help menu:
```
usage: blink-pass-decrypt [-h] ciphertext

decrypts passwords found at the /blink/input url of the blink1control2 api
server (version <= 2.2.7 ).

positional arguments:
  ciphertext  encrypted password string to use

optional arguments:
  -h, --help  show this help message and exit
```
example:
```
node blink1-pass-decrypt '69827e0ecea378946e999df4313cb9a1e49c049a7b9bac8bf1105cdec9f221c8'
```

File Snapshot


 [4.0K]  /data/pocs/980ce27ba07a21579c3eae2aceb1152af413cd36
├── [2.4K]  blink1-pass-decrypt
└── [1.1K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!