CVE-2023-40028 PoC — Ghost Foundation Ghost Link Following Vulnerability

Source
Associated Vulnerability
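Title: Ghost Foundation Ghost Link Following Vulnerability (CVE-2023-40028)
Description: Ghost Foundation Ghost is an open-source personal blogging system from Ghost, written in JavaScript. Ghost versions before 5.59.1 contain a link following vulnerability that stems from allowing authenticated users to upload symbolic link files. An attacker can exploit it to read arbitrary files.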
Readme
# CVE-2023-40028 Exploit

This script exploits a vulnerability in Ghost CMS, allowing arbitrary file read through symbolic link abuse.

# Features

- Creates a symlink to the target file
- Compresses the payload into a ZIP file
- Uploads the ZIP file via the Ghost API
- Reads the file through an accessible image URL
- Cleans up after execution
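
A defender-side counterpart to the steps above, as an added example that is not part of this repository or of Ghost's own fix: it inspects an uploaded ZIP before extraction and reports entries whose Unix mode marks them as symbolic links or other special files. The function name `unsafe_entries` and the `MAX_TARGET` limit are assumptions made for this illustration.

```python
import stat
import sys
import zipfile

MAX_TARGET = 4096  # a link target is a path, so never read more than this


def unsafe_entries(archive):
    """Return (name, reason, link_target) for entries an importer should reject.

    `archive` is a path or a binary file object holding the uploaded ZIP.
    """
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            # Unix archivers store st_mode in the high 16 bits of external_attr.
            mode = info.external_attr >> 16
            if stat.S_ISLNK(mode):
                # For a symlink entry the stored "file data" is the link target.
                with zf.open(info) as fh:
                    target = fh.read(MAX_TARGET).decode("utf-8", "replace")
                findings.append((info.filename, "symbolic link", target))
            elif stat.S_IFMT(mode) and not (stat.S_ISREG(mode) or stat.S_ISDIR(mode)):
                # Devices, FIFOs and sockets have no place in a content import.
                findings.append((info.filename, "special file", None))
    return findings


if __name__ == "__main__":
    hits = unsafe_entries(sys.argv[1])
    for name, reason, target in hits:
        print(f"REJECT {name}: {reason}" + (f" -> {target}" if target else ""))
    sys.exit(1 if hits else 0)
```

The check has to run on the archive itself, before any extraction step, and the recorded link target is useful in upload logs when reviewing what an authenticated account attempted to read.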

# Usage

```
python3 exploit.py -u <username> -p <password>
```

Once the shell starts, enter the full file path you want to read (without spaces) and hit enter.
To exit, type `exit`.

# Requirements

- Python 3.x
- `requests` module

# Disclaimer

This script is for educational and authorized security research purposes only. Do not use it on systems you do not own or have explicit permission to test.

# License

This project is licensed under the MIT License - see the LICENSE file for details.
File Snapshot

```
[4.0K] /data/pocs/e592812a4dafb7485977abeefc13dc747f95f8b1
├── [3.4K] exploit.py
├── [1.0K] LICENSE
└── [ 839] README.md

0 directories, 3 files
```