CVE-2024-44000 PoC — WordPress plugin LiteSpeed Cache security vulnerability

Source
Associated Vulnerability
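Title: WordPress plugin LiteSpeed Cache security vulnerability (CVE-2024-44000)
Description: WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin LiteSpeed Cache versions before 6.5.0.1 contain a security vulnerability that stems from an insufficiently protected credentials flaw.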
Description
CVE-2024-44000 is a vulnerability in the LiteSpeed Cache plugin, a popular WordPress plugin. This vulnerability affects session management in LiteSpeed Cache, allowing attackers to gain unauthorized access to sensitive data.
Readme
# Poc LiteSpeed Cache CVE-2024-44000 Exploit
CVE-2024-44000 is a vulnerability in the LiteSpeed Cache plugin, a popular WordPress plugin. This vulnerability affects session management in LiteSpeed Cache, allowing attackers to gain unauthorized access to sensitive data.

------------------------------------------------------

![Proof of Concept](Poc%20CVE-2024-44000.jpg)

------------------------------------------------------

The script works in the following steps:

1. **Extract Cookies from Debug Log**:
   - The script sends a `GET` request to retrieve the `debug.log` file (`wp-content/debug.log`) from the server.
   - It uses regular expressions to extract cookies from the file's contents.

2. **Extract Session Cookies**:
   - It filters the extracted cookies to locate session cookies matching the pattern:
     ```
     wordpress_logged_in_[^=]+=[^;]+
     ```

3. **Hijack Admin Session**:
   - The script generates URLs with the stolen cookies and sends a `GET` request to the WordPress admin dashboard (`wp-admin/`).
   - If the response includes a `302 Redirect` with a `Location` header containing the `wp-admin` path, it considers the hijacking successful.

## Factors Affecting Script Success
Several factors influence the effectiveness of this script:
- **Debug Log File Accessibility**: The script assumes that the `debug.log` file is publicly accessible and contains session cookies. If this is not the case, the script will not work.
- **Cookie Extraction and Filtering**: The regular expressions used for extracting cookies may not catch all possible formats or variations of session cookies.
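
A defender-side audit built on the same cookie pattern, as an added example that is not part of the original PoC repository: it scans the contents of a local copy of the debug log, reports which accounts have a leaked session cookie that has not yet expired, and returns a redacted copy of the log. The function names and the sample log lines are constructed for illustration, and the code assumes the standard WordPress auth cookie layout `user|expiry|token|hmac`.

```python
import re
from urllib.parse import unquote

# Pattern from the README, with capture groups for cookie name and value.
SESSION_COOKIE_RE = re.compile(r"(wordpress_logged_in_[^=]+)=([^;]+)")

def audit_log(text, now):
    """Return (findings, redacted_text) for the contents of one debug log."""
    findings, redacted = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in SESSION_COOKIE_RE.finditer(line):
            # Assumed value layout: user|expiry|token|hmac, URL-encoded.
            parts = unquote(m.group(2)).split("|")
            expiry = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else None
            findings.append({
                "line": lineno,
                "user": parts[0],
                "expires": expiry,
                # An unparseable expiry is treated as live so it is not ignored.
                "live": expiry is None or expiry > now,
            })
        redacted.append(SESSION_COOKIE_RE.sub(r"\1=[REDACTED]", line))
    return findings, "\n".join(redacted)

def users_with_live_sessions(findings):
    """Accounts whose logged cookie has not expired and needs invalidating."""
    return sorted({f["user"] for f in findings if f["live"]})

# Constructed sample log lines (not taken from a real site or from the plugin).
SAMPLE_LOG = """\
09/05/24 10:01:12 [203.0.113.7] Cookie: wordpress_test_cookie=WP%20Cookie%20check; wordpress_logged_in_0123abcd=admin%7C1725600000%7CtokA%7ChmacA; wp-settings-1=x
09/05/24 10:02:40 [203.0.113.9] GET /wp-json/ HTTP/1.1
09/05/24 10:03:05 [203.0.113.8] Set-Cookie: wordpress_logged_in_0123abcd=editor%7C1700000000%7CtokB%7ChmacB; path=/
"""

if __name__ == "__main__":
    found, clean = audit_log(SAMPLE_LOG, now=1725500000)
    for f in found:
        print(f)
    print("Invalidate sessions for:", users_with_live_sessions(found))
    print(clean)
```

Pass the current Unix time as `now` when running this against a real log; every account it lists should have its sessions invalidated, and the log itself should be purged or moved out of the web root.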

## Disclaimer

**Important:** Exploiting vulnerabilities without permission is illegal and unethical. This script is intended for **educational and testing purposes only**. Use it only with explicit consent from the system owner.

File Snapshot

```
[4.0K] /data/pocs/d8d6ff00dc84269b45a9fb56f2ae75e68f7e732b
├── [3.4K] CVE_2024_44000.py
├── [ 11K] LICENSE
├── [196K] Poc CVE-2024-44000.jpg
└── [1.8K] README.md

0 directories, 4 files
```