https://github.com/redteampentesting/cve-2023-33243

PoC for login with password hash in STARFACE
https://github.com/redteampentesting/cve-2023-33243

Last synced: about 1 year ago
JSON representation

PoC for login with password hash in STARFACE

Host: GitHub
URL: https://github.com/redteampentesting/cve-2023-33243
Owner: RedTeamPentesting
License: mit
Created: 2023-05-26T08:32:38.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2023-06-02T14:35:23.000Z (about 3 years ago)
Last Synced: 2025-01-24T17:38:03.367Z (over 1 year ago)
Language: Python
Size: 1.95 KB
Stars: 1
Watchers: 2
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

          # Proof of Concept for Login with Password Hash in STARFACE (CVE-2023-33243)

Details are described in our

[advisory](https://www.redteam-pentesting.de/advisories/rt-sa-2022-004).

In the corresponding [blog

post](https://blog.redteam-pentesting.de/2023/storing-passwords/) the

vulnerability CVE-2023-33243 is used as an example to describe how we generally

approach the analysis of authentication mechanisms and identify misconceptions

we encounter during our pentest engagements.

## Dependencies

Install Python libraries [requests](https://github.com/psf/requests) and

[click](https://github.com/pallets/click).

## Usage

```

python3 login.py --url [URL] --login [Login ID] --pwhash [SHA512 Password Hash]

```

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/redteampentesting/cve-2023-33243

Awesome Lists containing this project

README