CVE-2023-42442 PoC — Jumpserver 授权问题漏洞

Source

https://github.com/HolyGu/CVE-2023-42442

Associated Vulnerability

Title:Jumpserver 授权问题漏洞 (CVE-2023-42442)
Description:Jumpserver是中国杭州飞致云信息科技有限公司的一款开源堡垒机。 JumpServer 存在授权问题漏洞，该漏洞源于无需身份验证即可下载会话重播。

Readme

## 红队攻防之JumpServer未授权访问漏洞(CVE-2023-42442)后利用过程分享

使用方法：go run CVE-2023-42442.go --url http://192.168.123.120

详见微信公众号文章：https://mp.weixin.qq.com/s/NCSnTsOMxslmf5S6d9896A

File Snapshot


 [4.0K]  /data/pocs/db2e6bf2888de23e978740da18a23e01a364664c
├── [4.1K]  CVE-2023-42442.go
└── [ 238]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.