支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: e6104d1ccbb8f586a377643a9ef0c5b399131a92

来源
https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC
关联漏洞
标题:mailcow 安全漏洞 (CVE-2024-41958)
Description:mailcow是一个邮件服务器套件。 mailcow 2024-07之前版本存在安全漏洞,该漏洞源于允许经过身份验证的攻击者绕过2FA保护,从而允许未经授权访问其他使用2FA保护的帐户。
Description
This is a small proof of concept for CVE-2024-41958
介绍
# CVE-2024-41958-PoC

This is a small proof of concept for `CVE-2024-41958`.

It is possible to bypass the TFA authentication on the admin panel.

Affected versions: `< 2024-07`

### Prerequisites needed for the CVE to function:

- `Password` and `username` for an account without TFA.
- `Password` and `username` for an account which has TFA enabled.
- Mailcow version below `2024-07`.

### How to use the poc:

1. Install the dependency

```
pip install -r requirements.txt
```

2. Fill in the necessary informations in the sript

- URL
- Password and username for the user who does not have TFA enabled
- Password and username for the user who has TFA enabled

3. Run the script

```
python poc.py
```

The output if the script works fine:
```
PoC works!

PHPSESSID=6cd6779a5e499a0e7708aed3aae9d3a4
```

4. Copy the `PHPSESSID` and set the cookie in your browser

![cookie](./resources/cookie.png)

5. Refresh the page

6. You are now logged in as the user with TFA enabled


Author: `Patrik Mayor`
文件快照

 [4.0K]  /data/pocs/e6104d1ccbb8f586a377643a9ef0c5b399131a92
├── [1.4K]  poc.py
├── [1001]  README.md
├── [   9]  requirements.txt
└── [4.0K]  resources
    └── [ 19K]  cookie.png

1 directory, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。