{"id":24985879,"url":"https://github.com/samjuk/cosmicsting-validator","last_synced_at":"2025-08-11T06:36:27.797Z","repository":{"id":247302990,"uuid":"825491938","full_name":"SamJUK/cosmicsting-validator","owner":"SamJUK","description":"CosmicSting (CVE-2024-34102) POC / Patch Validator","archived":false,"fork":false,"pushed_at":"2025-02-14T17:37:41.000Z","size":5,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-14T18:30:59.617Z","etag":null,"topics":["cosmicsting","cve-2024-34102","devsecops","magento","magento-security-patches","poc","proof-of-concept","security"],"latest_commit_sha":null,"homepage":"https://cosmicsting.samdjames.uk/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SamJUK.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-07T23:35:18.000Z","updated_at":"2025-02-14T17:37:45.000Z","dependencies_parsed_at":"2025-02-14T18:36:11.165Z","dependency_job_id":null,"html_url":"https://github.com/SamJUK/cosmicsting-validator","commit_stats":null,"previous_names":["samjuk/cosmicsting-validator"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamJUK%2Fcosmicsting-validator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamJUK%2Fcosmicsting-validator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamJUK%2Fcosmicsting-validator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamJUK%2Fcosmicsting-validator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SamJUK","download_url":"https://codeload.github.com/SamJUK/cosmicsting-validator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246174543,"owners_count":20735413,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cosmicsting","cve-2024-34102","devsecops","magento","magento-security-patches","poc","proof-of-concept","security"],"created_at":"2025-02-04T10:59:22.660Z","updated_at":"2025-03-29T10:46:33.726Z","avatar_url":"https://github.com/SamJUK.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"A [Cosmicsting POC](https://github.com/Chocapikk/CVE-2024-34102), with a bash script to check all of our hosted sites to confirm the patch.\n\nThis repository is provided to allow store owners / hosts to confirm the patch is applied on stores. Within `check.bash` add domains to the `SITES` list.\n\n[https://www.sdj.pw/posts/magento2-cosmic-sting-check/](https://www.sdj.pw/posts/magento2-cosmic-sting-check/)\n\n[Online Validator https://cosmicsting.samdjames.uk/](https://cosmicsting.samdjames.uk/)\n\n## Setup\n```sh\n# Create a python virtual environment for the project\npython -m venv venv\n\n# Activate virtual environment (pick appropriate below)\nsource venv/bin/activate # MacOS / Unix\nvenv\\Scripts\\activate    # Windows\n\n# Install Requirements\npip install -r requirements.txt\n```\n\n## Usage\n```sh\n# Run the POC against a single store\n./poc.py -u https://samdjames.uk\n\n# To run the POC against multiple stores, first create txt file containing the list of sites seperated by a new line\n# for example `sites/example.txt`. And pass it as the first positional argument of the ./z_validate script.\n./z_validate sites/example.txt\n\n# A very basic check monitoring stores for compromise\n# Dumps all script src's to a file, and compares against the previous run.\n./z_compromise_check sites/example.txt\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamjuk%2Fcosmicsting-validator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamjuk%2Fcosmicsting-validator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamjuk%2Fcosmicsting-validator/lists"}