Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/0xkayala/cve-2023-33246

CVE-2023-33246 - Apache RocketMQ config RCE
https://github.com/0xkayala/cve-2023-33246

Last synced: 4 days ago
JSON representation

CVE-2023-33246 - Apache RocketMQ config RCE

Awesome Lists containing this project

README 

        
# CVE-2023-33246 - RocketMQ Remote Code Execution

CVE-2023-33246 - Apache RocketMQ config Remote Code Execution Exploit



# Overview

RocketMQ is a distributed messaging and streaming platform.



RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection. Broker component of RocketMQ is leaked on the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content.



# Detect RocketMQ version to identify vulnerabilities

```

usage: check.py [-h] [--ip IP] [--file FILE] [--port PORT] [--cidr CIDR]



Check CVE-2023-33246 RocketMQ RCE vulnerability



optional arguments:

  -h, --help   show this help message and exit

  --ip IP      A single IP address to check

  --file FILE  A file containing a list of IP addresses, one per line

  --port PORT  The port number to use when connecting to the server (default

               is 9876)

  --cidr CIDR  A CIDR range to scan (e.g. 1.2.3.0/24)

```

------

## usage examples

```

python3 check.py --ip 127.0.0.1 --port 9876

python3 check.py --cidr 192.168.1.0/24

# or 

python3 check.py --file rocketmq_targets.txt --port 9876

# target in file format:

# ip

# ip:port

# http://ip:port

```