Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/AbelChe/evil_minio

EXP for CVE-2023-28434 MinIO unauthorized to RCE
https://github.com/AbelChe/evil_minio

cve-2023-28434 minio

Last synced: 21 days ago
JSON representation

EXP for CVE-2023-28434 MinIO unauthorized to RCE

Host: GitHub
URL: https://github.com/AbelChe/evil_minio
Owner: AbelChe
License: agpl-3.0
Created: 2023-03-27T08:53:04.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2023-04-04T05:26:59.000Z (over 1 year ago)
Last Synced: 2024-08-05T17:29:03.353Z (4 months ago)
Topics: cve-2023-28434, minio
Language: Go
Homepage:
Size: 24.3 MB
Stars: 295
Watchers: 3
Forks: 37
Open Issues: 4
Metadata Files:
- Readme: README.fips.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: code_of_conduct.md
- Security: SECURITY.md

Awesome Lists containing this project

awesome-hacking-lists - AbelChe/evil_minio - EXP for CVE-2023-28434 MinIO unauthorized to RCE (Go)

README

# MinIO FIPS Builds

MinIO creates FIPS builds using a patched version of the Go compiler (that uses BoringCrypto, from BoringSSL, which is [FIPS 140-2 validated](https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2964.pdf)) published by the Golang Team [here](https://github.com/golang/go/tree/dev.boringcrypto/misc/boring).

MinIO FIPS executables are available at - they are only published for `linux-amd64` architecture as binary files with the suffix `.fips`. We also publish corresponding container images to our official image repositories.

We are not making any statements or representations about the suitability of this code or build in relation to the FIPS 140-2 standard. Interested users will have to evaluate for themselves whether this is useful for their own purposes.