CVE-2021-42237 PoC — Sitecore 代码问题漏洞

Source

https://github.com/crankyyash/SiteCore-RCE-Detection

Associated Vulnerability

Title:Sitecore 代码问题漏洞 (CVE-2021-42237)
Description:Sitecore是丹麦Sitecore公司的一套在线营销内容管理系统（CMS）。该系统支持内容编辑、多种语言、多网站部署、数字资产管理等。 Sitecore XP 存在安全漏洞，该漏洞源于Sitecore XP 7.5到Sitecore XP 8.2 容易受到不安全的反序列化攻击。攻击者可利用该漏洞在机器上实现远程命令执行。

Description

For detection of sitecore RCE - CVE-2021-42237

Readme

# SiteCore-RCE-Detection
For detection of sitecore RCE - CVE-2021-42237
Sitecore Experience Platform Pre-Auth RCE - CVE-2021-42237

Relies on sitecore version detection and response when a request is made to vulnerale Report.ashx via Get and Post.

The script takes a file containing list of urls in format www.url.com on each line.

Usage :
python3 check-for-sitecore-rce.py -h

python3 check-for-sitecore-rce.py -u urls.txt

May result in false positives if the web application handles ther error differently. Recommended to check pages with 200 responses.

PoCs

![3](https://user-images.githubusercontent.com/61792333/191764846-2a03beb2-5bdf-451e-9093-5e4662f941da.PNG)

![2](https://user-images.githubusercontent.com/61792333/191758706-9d6a80dd-4d14-404a-ae88-541e78e079b6.PNG)

Reference : https://blog.assetnote.io/2021/11/02/sitecore-rce/ , https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776

File Snapshot


 [4.0K]  /data/pocs/98e0985cd8c9289b3f0faa20a399a81714375a3a
├── [3.1K]  check-for-sitecore-rce.py
└── [ 926]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!