CVE-2023-1718 PoC — Bitrix24 Denial-of-Service (DoS) via Improper File Stream Access

Source

Associated Vulnerability

Description

This Python script is designed to exploit a security vulnerability in Bitrix24, leading to a Denial of Service (DoS) attack. The vulnerability, identified as CVE-2023-1718, allows an attacker to disrupt the normal operation of a Bitrix24 instance.

Readme

# Bitrix24 DoS Exploit

This repository contains a Python script designed to exploit a Denial of Service (DoS) vulnerability in Bitrix24. Please note that this script is for educational purposes only, and its use for unauthorized activities is illegal and unethical.

## CVE-2023-1718

- **CVE Identifier**: CVE-2023-1718
- **Vulnerability Type**: Denial of Service (DoS)
- **Target System**: Bitrix24

## Usage

To use this script, follow the instructions below:

1. Clone the repository to your local machine.

2. Install the required dependencies using the following command:

   ```bash
   pip install aiohttp

3. Run the script by providing the necessary command-line arguments:

   ```bash
   python3 bitrix24dos.py --host <Target Host URL> --site_id <SITE_ID Value> --num_requests <Number of Requests>


## Result
![Screenshot 2023-11-07 at 17 20 15](https://github.com/jhonnybonny/Bitrix24DoS/assets/87495218/e6c6af1e-e777-4e31-bbdd-6e4910129a00)

File Snapshot

 [4.0K]  /data/pocs/5e60f7b8f90866cdfe9eec358f46d5c5839baa29
├── [2.2K]  bitrix24dos.py
├── [1.0K]  LICENSE
└── [ 955]  README.md

0 directories, 3 files

Remarks