https://github.com/codingchili/cve-2020-14368

Interactive RCE exploit demo for Eclipse CHE
https://github.com/codingchili/cve-2020-14368

eclipse-che exploit proof-of-concept vulnerability

Last synced: 4 months ago
JSON representation

Interactive RCE exploit demo for Eclipse CHE

• Host: GitHub
• URL: https://github.com/codingchili/cve-2020-14368
• Owner: codingchili
• License: mit
• Created: 2020-04-06T17:30:11.000Z (about 6 years ago)
• Default Branch: master
• Last Pushed: 2021-04-13T19:15:06.000Z (about 5 years ago)
• Last Synced: 2025-04-06T10:19:32.225Z (about 1 year ago)
• Topics: eclipse-che, exploit, proof-of-concept, vulnerability
• Language: HTML
• Size: 538 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# CSWSH-THEIA-CVE-2020-14368

- Report target: Eclipse CHE deployment available on che.openshift.io

- Vulnerability type: Cross-site websocket hijack

- Discovery date: 2020-04-08

- Author: Robin Duda (codingchili@github)

## Summary

The /services websocket endpoint in Eclipse CHE adn Theia is vulnerable to cross-site websocket hijacking.

This vulnerability affects Eclipse CHE servers that uses cookie or basic authentication as the websocket

connection doesn't perform any cross-site checks or in-channel authentication, the browser automatically

includes any credentials when connecting from third-party domains. The attack works just like a cross-site

request forgery attack, except it is much more powerful as it grants an attacker two-way communicaiton.

Read more about CSWSH here: https://portswigger.net/web-security/websockets/cross-site-websocket-hijacking