This exploit scans whether the provided target is vulnerable to CVE-2023-49070/CVE-2023-51467 and also exploits it depending on the choice of the user.**Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467**
Apache OFBiz is an open source enterprise resource planning system. It provides a suite of enterprise applications that integrate and automate many of the business processes of an enterprise.
**CVE-2023-49070** is a pre-authentication Remote Code Execution (RCE) vulnerability which has been identified in Apache OFBiz 18.12.09. The issue stems from the presence of XML-RPC, which is no longer maintained but remains in the system.
**CVE-2023-51467** permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code.
**Affected versions:** 18.12.10 and below
This exploit scans whether the provided target is vulnerable and also exploits it depending on the choice of the user.
**Usage:**
python3 exploit.py https://localhost:8443/
**Reference:**
https://www.prio-n.com/blog/cve-2023-49070-51467-attacking-defending-Apache-OFBiz
**Note:** You should have the ysoserial-all.jar file in the same directory as the exploit. You can either download it from this repo or from https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar.
**If the serialization does not happen or if the exploit is not successful due to some reason, follow the steps below to downgrade your java version and try again.**
update-java-alternatives --list
sudo update-java-alternatives --set /usr/lib/jvm/java-1.11.0-openjdk-amd64
sudo update-java-alternatives --set <Any_lower_compatible_version>
**Disclaimer:**
This exploit is to be used only for educational and authorized testing purposes. Illegal/unauthorized use of this exploit is prohibited.
[4.0K] /data/pocs/008b944e24e04575a2cff428ac1114bf0e46b6bd
├── [4.9K] exploit.py
├── [1.6K] README.md
└── [ 57M] ysoserial-all.jar
0 directories, 3 files