
CVE-2022-36663 PoC — Gluu code issue vulnerability

Source
Associated Vulnerability
Title: Gluu code issue vulnerability (CVE-2022-36663)
Description: Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter.
Description
Internal network scanner through Gluu IAM blind ssrf
Readme
# CVE-2022-36663-PoC
Internal network scanner through Gluu IAM blind ssrf

Gluu IAM is vulnerable to a blind SSRF: the server fetches whatever URL is supplied in `request_uri`, and because the response time differs between open, closed and filtered ports, the behaviour can be used to scan the internal network for open ports.

https://nvd.nist.gov/vuln/detail/CVE-2022-36663

To check whether a target is vulnerable, append `&request_uri=http://burpcollab` (a Burp Collaborator or similar out-of-band listener) to the `/oxauth/restv1/authorize` request and poll the listener for incoming traffic originating from the target server.
# Usage

```bash
python3 CVE-2022-36663.py --url https://target --ip 10.10.10.10 --port 8080 --ar '/oxauth/restv1/authorize?client_id=<clientID>&redirect_uri=https://target.com/return.html&response_type=code&scope=openid+profile+email+user_name&nonce=<nonce>&acr_values=simple_password_auth&request_uri='
```

`--url` - the Gluu IAM server URL

`--ip` - the internal IP address or subnet that you want to scan

`--port` - the internal port you want to scan

`--ar` - the authorization request URL, ending with an empty `request_uri=` parameter that the script fills in

![image](https://user-images.githubusercontent.com/84850150/197365625-d929cc4f-a87a-4f91-99c8-dd32decad1fb.png)
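As an added, defender-side example (not code from the PoC repository or from Gluu), the script below parses web-server access-log lines for hits on `/oxauth/restv1/authorize` and flags any `request_uri` value that points into private or loopback address space, or at a host that is not in the client's registered `request_uris` allowlist (the OpenID Connect client-metadata field meant for exactly this purpose). The log-line format, the allowlist and the sample lines are constructed assumptions, not Gluu's real log layout.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# Assumed allowlist of hosts registered in the client's OIDC `request_uris`
# metadata; any other host is reported as unregistered.
ALLOWED_REQUEST_URI_HOSTS = {"target.com"}

# Constructed sample access-log lines (combined-log-like, not Gluu's format).
SAMPLE_LOGS = [
    '10.0.0.5 - - [20/Oct/2022:10:01:02 +0000] "GET /oxauth/restv1/authorize?client_id=abc&response_type=code&request_uri=https%3A%2F%2Ftarget.com%2Freq.jwt HTTP/1.1" 302 0',
    '203.0.113.9 - - [20/Oct/2022:10:01:05 +0000] "GET /oxauth/restv1/authorize?client_id=abc&response_type=code&request_uri=http%3A%2F%2F10.10.10.10%3A8080%2F HTTP/1.1" 400 0',
    '203.0.113.9 - - [20/Oct/2022:10:01:09 +0000] "GET /oxauth/restv1/authorize?client_id=abc&response_type=code&request_uri=http%3A%2F%2Fattacker.example%2Fx HTTP/1.1" 400 0',
    '203.0.113.9 - - [20/Oct/2022:10:02:00 +0000] "GET /oxauth/restv1/authorize?client_id=abc&response_type=code HTTP/1.1" 302 0',
]

LINE_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')


def _is_internal_host(host: str) -> bool:
    """True if host is a literal IP in private, loopback, link-local or reserved space."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name: hostname-based tricks are caught by the allowlist instead
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved or ip.is_unspecified


def classify_request_uri(raw: str) -> str:
    """Return 'ok', 'internal-target' or 'unregistered-host' for one request_uri value."""
    host = urlsplit(raw).hostname or ""
    if _is_internal_host(host):
        return "internal-target"
    if host not in ALLOWED_REQUEST_URI_HOSTS:
        return "unregistered-host"
    return "ok"


def scan_logs(lines):
    """Return (source_ip, verdict, request_uri) for each suspicious authorize request."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        url = urlsplit(m.group("path")) if m else None
        if url is None or url.path != "/oxauth/restv1/authorize":
            continue
        for value in parse_qs(url.query).get("request_uri", []):  # parse_qs percent-decodes
            verdict = classify_request_uri(value)
            if verdict != "ok":
                findings.append((m.group("src"), verdict, value))
    return findings
```

Run `scan_logs(SAMPLE_LOGS)` to see the two flagged requests; a burst of `internal-target` verdicts from one source IP across many ports is the signature of the timing-based scan described above.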

File Snapshot

```
[4.0K] /data/pocs/6d625e96da68cccf9e2af958321a2dd6e2dc04f7
├── [2.8K] CVE-2022-36663.py
├── [ 150] index.html
└── [1.0K] README.md

0 directories, 3 files
```