CVE-2022-29361 PoC — Pallets Werkzeug 环境问题漏洞

Source

https://github.com/l3ragio/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS

Associated Vulnerability

Title:Pallets Werkzeug 环境问题漏洞 (CVE-2022-29361)
Description:Pallets Werkzeug是一款WSGI Web应用程序库。 Pallets Werkzeug 2.1.0版本及之前版本存在安全漏洞，该漏洞源于不正确解析 HTTP 的请求。攻击者利用该漏洞通过特制的 HTTP 请求执行 HTTP 请求走私。

Readme

Credits to @kevin-mizu

https://github.com/kevin-mizu/Werkzeug-CVE-2022-29361-PoC/tree/main

for details read:
https://mizu.re/post/abusing-client-side-desync-on-werkzeug

Tested On Chromium 119.0.6045.123 built on Debian trixie/sid, running on Debian kali-rolling

File Snapshot


 [4.0K]  /data/pocs/d7754c752c1abe70218146bef416d5465a7b70a9
├── [ 147]  docker-compose.yaml
├── [1.0K]  LICENSE
├── [ 265]  README.md
├── [4.0K]  rogue
│   ├── [ 399]  Dockerfile
│   ├── [ 177]  pyvenv.cfg
│   └── [4.0K]  src
│       ├── [   5]  requirements.txt
│       └── [ 802]  rogue_server.py
└── [4.0K]  vuln
    ├── [ 404]  Dockerfile
    └── [4.0K]  src
        ├── [  28]  requirements.txt
        └── [ 275]  vulnerable_server.py

4 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!