关联漏洞
标题:Apache HTTP Server 代码问题漏洞 (CVE-2021-40438)Description:Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server存在代码问题漏洞,该漏洞是由于系统对用户的输入没有进行严格的过滤导致,攻击者可以构造恶意数据对目标服务器进行SSRF攻击。该漏洞可做为攻击目标服务器内网的跳板,以此对服务器所在内网进行端口扫描、攻击运行在内网的应用程序、下载内网资源等。
Description
CVE-2021-40438 Apache <= 2.4.48 SSRF exploit
介绍
# CVE-2021-40438 - Apache <= 2.4.48 - SSRF Python exploit
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
## CVSS v3.1:
Base Score: 9.0
Severity: CRITICAL
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
## Description
Vulnerability category: Server-side request forgery (SSRF)
This script uses the requests library to perform the HTTP GET request with the provided URLs. You can run the script from the command line, specifying the -t and -ssrf options to customise the URLs.
## Example of use:
You can use ngrok as a local webhook instead of open your local ports or use a public webhook from the internet.
```
python3 CVE-2021-40438.py -t https://target.com -ssrf https://cf92-88-26-100-207.ngrok-free.app/ssrf
python3 CVE-2021-40438.py -t https://target.com -ssrf http://127.0.0.1
```
## Requirements
Make sure you have the requests library installed before running the script. You can install it with the following command:
```
pip install requests
```
文件快照
[4.0K] /data/pocs/9879e13361b71b7bb7edd6c5c71c70a52814f722
├── [8.2K] CVE-2021-40438.py
├── [6.9K] LICENSE
└── [1.2K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →