
Refactoring and Enhancement of `CVE-2019-14666` Exploit Code

Open n3rada opened this issue 10 months ago • 1 comments

Hello maintainers and contributors, Hello @xassiz,

I'm making this Pull Request because I've had to use this CVE and since I've updated it, I thought you'd like to have an updated version on tray. It was either that or keep it in my personal repository. Preferring the whole community to focus on the original code, I prefer it to be updated here. I hope you appreciate this approach.

This pull request includes a series of improvements and refactorings related to the exploit code for CVE-2019-14666. The main aim of this PR is to enhance clarity, efficiency, and maintainability.

Testing: Thoroughly tested the refactored code against a GLPI <= 9.4.3 instance to ensure that the exploit still functions as intended without any regressions. To avoid spoilers, it's on a HackTheBox box.

Impact:

  • The refactor should not introduce any breaking changes.
  • Performance improvements are expected due to more efficient code structures.
  • Cleaner code and improved documentation.

Key Changes:

  1. Docstring Improvements: Enhanced method docstrings to provide clearer and more detailed descriptions.
  2. Code Refactoring: Restructured the code to follow more Pythonic patterns and conventions. This includes the use of list comprehensions, optimized imports, and cleaner exception handling.
  3. Error Handling: Enhanced error handling to cater for potential edge cases and provide more informative feedback to users.
  4. Function Decomposition: Broke down some larger functions into smaller, more manageable sub-functions to improve code readability and maintainability.

Details

  1. Environment: The new code uses `#!/usr/bin/env python3`, making it explicit that Python 3 is being used.
  2. Imports:
     • The new code uses the `httpx` library instead of `requests`.
     • Removed the import for `sys`.
  3. Class Structure:
     • The new code has introduced several dunders (`__repr__` and `__str__`) for better string representation of the class instance.
     • Properly separated private and public methods using name mangling (double underscore prefix).
     • Removed the method to disable SSL warnings (`requests.packages.urllib3.disable_warnings()`) and instead added a parameter `verify=False` directly into the `httpx.Client()`.
  4. Miscellaneous:
     • The new code uses f-strings for string formatting, which are more readable and efficient.
     • Organized the order of methods (public then private).
     • The main execution (`main()`) of the script is more structured and leverages the methods in the class for its operation.

n3rada, Aug 28 '23 07:08