CVE-2023-42820 PoC — Jumpserver 信息泄露漏洞

Source

https://github.com/Startr4ck/cve-2023-42820

Associated Vulnerability

Title:Jumpserver 信息泄露漏洞 (CVE-2023-42820)
Description:Jumpserver是中国杭州飞致云信息科技有限公司的一款开源堡垒机。 JumpServer 存在信息泄露漏洞，该漏洞源于将随机数种子暴露给 API 造成的，可能会允许重放随机生成的验证码，从而导致密码重置。

Description

JumpServer

Readme

# cve-2023-42820
JumpServer 
## 影响版本 
v2.24 - v3.6.4

## 造成危害
在知道jumpserver管理台的用户账户对应的邮箱的情况下（默认为 admin/admin@mycomany.com）
可通过漏洞重置管理台的管理员用户密码，并且配合jumpserver的 CVE-2023-42819 漏洞，最终可以getshell


## show 
![image](https://github.com/Startr4ck/cve-2023-42820/blob/main/%E8%AF%81%E6%98%8E.gif)  
![image](https://github.com/Startr4ck/cve-2023-42820/blob/main/proof.png)

File Snapshot


 [4.0K]  /data/pocs/9df17d57d257306638db1b4e4a1b44c8ce115bd0
├── [ 85K]  proof.png
├── [ 495]  README.md
└── [1.1M]  证明.gif

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!