POC详情: b3fa67a31ef6139c59d756f6fe1c669b30079167

来源
关联漏洞
标题: Sonatype Nexus Repository 安全漏洞 (CVE-2024-4956)
描述:Sonatype Nexus Repository是美国Sonatype公司的一款存储库管理器,它主要用于管理、存储和分发软件等。 Sonatype Nexus Repository 3.68.1之前版本存在安全漏洞,该漏洞源于存在路径遍历,允许未经身份验证的攻击者读取系统文件。
描述
Exploit for CVE-2024-4956 affecting all previous Sonatype Nexus Repository 3.x OSS/Pro versions up to and including 3.68.0
介绍
# CVE-2024-4956-Sonatype-Nexus-Repository-Manager

**Sonatype Nexus Repository Manager** provides a central platform for storing build artifacts

**CVE-2024-4956** is a path traversal vulnerability in Sonatype Nexus Repository manager that allows an attacker to craft a URL to return any file as a download, including system files outside of Nexus Repository application scope, without any authentication.

**Affected Versions**:  All previous Sonatype Nexus Repository 3.x OSS/Pro versions up to and including 3.68.0

**Python3 exploit Usage**: python3 exploitPython.py -u -p -f

**Python3 exploit Usage example**: python3 exploitPython.py -u http://127.0.0.1 -p 8081 -f /etc/passwd

**Bash exploit Usage**: ./exploitBash.sh -u targetUrl -p targetPort -f targetFile

**Bash exploit Usage example**: ./exploitBash.sh -u https://127.0.0.1 -p 8081 -f /etc/passwd

**Disclaimer**: This exploit is to be used only for educational and authorized testing purposes. Illegal/unauthorized use of this exploit is prohibited.

**References**: 
https://support.sonatype.com/hc/en-us/articles/29416509323923-CVE-2024-4956-Nexus-Repository-3-Path-Traversal-2024-05-16
https://nvd.nist.gov/vuln/detail/CVE-2024-4956
https://exp10it.io/2024/05/%E9%80%9A%E8%BF%87-java-fuzzing-%E6%8C%96%E6%8E%98-nexus-repository-3-%E7%9B%AE%E5%BD%95%E7%A9%BF%E8%B6%8A%E6%BC%8F%E6%B4%9E-cve-2024-4956/
文件快照
 [4.0K]  /data/pocs/b3fa67a31ef6139c59d756f6fe1c669b30079167
├── [1.7K]  exploitBash.sh
├── [1.5K]  exploitPython.py
└── [1.3K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。