CVE-2023-27524
HIGH | KEV | NUCLEI
Apache Superset Signed Cookie Priv Esc
Title source: metasploit
Exploitation Summary
CVE-2023-27524 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 8, 2024.
EIP tracks 21 public exploits from researchers including MaanVader, horizon3ai and jakabakos, as well as a Metasploit module, auxiliary/gather/apache_superset_cookie_sig_priv_esc.
A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit leverages a known default secret key vulnerability in Apache Superset to forge a session cookie, bypassing authentication. It decodes the session cookie, cracks it using predefined secret keys, and generates a forged cookie for arbitrary user ID impersonation.
Description
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value of the SECRET_KEY config.

All Superset installations should always set a unique, secure, random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and to encrypt sensitive information in the database. Add a strong SECRET_KEY to your `superset_config.py` file like: `SECRET_KEY = <YOUR_OWN_RANDOM_GENERATED_SECRET_KEY>`. Alternatively, you can set it with the `SUPERSET_SECRET_KEY` environment variable.
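A configuration check for the remediation above, as an added example that is not code from the page or from the Superset project: it statically audits the text of a `superset_config.py` and an environment mapping for a missing, placeholder or weak SECRET_KEY. The function names, the length and diversity thresholds, and the contents of `PLACEHOLDER_KEYS` beyond the placeholder quoted in the description are assumptions of this example.

```python
import ast
import secrets

# The placeholder printed in the advisory text; add site-known defaults here.
PLACEHOLDER_KEYS = {"YOUR_OWN_RANDOM_GENERATED_SECRET_KEY"}
MIN_LENGTH = 32    # assumed local policy, not a Superset requirement
MIN_DISTINCT = 10  # assumed local policy: crude guard against "aaaa..." keys


def new_key():
    """Generate a unique random value suitable for SECRET_KEY."""
    return secrets.token_urlsafe(42)


def weaknesses(key):
    """Return the reasons a literal key value should be rejected."""
    problems = []
    if key.strip("<>") in PLACEHOLDER_KEYS:
        problems.append("placeholder value copied from documentation")
    if len(key) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(set(key)) < MIN_DISTINCT:
        problems.append("too few distinct characters")
    return problems


def audit(config_source, env):
    """Audit superset_config.py text and an environment mapping; return findings."""
    findings, candidates, seen = [], [], False
    for node in ast.parse(config_source).body:
        if isinstance(node, ast.Assign) and any(
            isinstance(t, ast.Name) and t.id == "SECRET_KEY" for t in node.targets
        ):
            seen = True
            if isinstance(node.value, ast.Constant) and isinstance(node.value.value, str):
                candidates.append(("superset_config.py", node.value.value))
            else:
                findings.append("superset_config.py: SECRET_KEY is computed, review by hand")
    if env.get("SUPERSET_SECRET_KEY"):
        seen = True
        candidates.append(("SUPERSET_SECRET_KEY", env["SUPERSET_SECRET_KEY"]))
    if not seen:
        findings.append("no SECRET_KEY set, so the installation default applies")
    for origin, key in candidates:
        findings += [f"{origin}: {p}" for p in weaknesses(key)]
    return findings


if __name__ == "__main__":
    print(audit('SECRET_KEY = "<YOUR_OWN_RANDOM_GENERATED_SECRET_KEY>"', {}))  # constructed input
```

An empty findings list means every key the check could see passed; a computed (non-literal) assignment is reported for manual review rather than guessed at.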
Exploits (21)
This exploit leverages a known default secret key vulnerability in Apache Superset to forge a session cookie, bypassing authentication. It decodes the session cookie, cracks it using predefined secret keys, and generates a forged cookie for arbitrary user ID impersonation.
This repository contains a functional exploit for CVE-2023-27524, which leverages default Flask SECRET_KEYs to forge session cookies in Apache Superset, allowing authentication bypass. The script can validate exploitability by enumerating databases via the Superset API.
This repository contains a functional exploit for CVE-2023-27524, which leverages a predictable Flask Secret Key in Apache Superset to bypass authentication and achieve remote code execution (RCE). The exploit includes features for session forgery, database enumeration, user enumeration, command execution, and reverse shell capabilities.
This repository contains a scanner for detecting the Apache Superset authentication bypass vulnerability (CVE-2023-27524). It uses a Flask session cookie manager to generate valid session cookies and checks for the presence of the vulnerability by testing access to the Superset welcome page.
This repository contains a functional exploit for CVE-2023-27524, an authentication bypass vulnerability in Apache Superset. The exploit leverages default secret keys to forge a session cookie, allowing unauthorized access to the application.
This repository contains a functional exploit for CVE-2023-27524, which targets an insecure default configuration in Apache Superset leading to remote code execution. The exploit leverages known secret keys to forge session cookies and bypass authentication.
This repository contains a functional exploit for CVE-2023-27524, which targets an insecure default configuration in Apache Superset leading to remote code execution. The exploit leverages known secret keys to forge session cookies and bypass authentication.
This PoC exploits an authentication bypass vulnerability in Apache Superset by leveraging a flawed session cookie mechanism. It sends a request to the login endpoint to obtain a session cookie, then uses that cookie to access a restricted API endpoint without proper authentication.
This repository contains a scanner for CVE-2023-27524, which checks for the presence of specific endpoints and responses indicative of the vulnerability in Apache Superset. It does not include exploit code but scans for vulnerable endpoints and provides notifications via Telegram.
This repository contains a scanner for detecting CVE-2023-27524, an authentication bypass vulnerability in Apache Superset. It checks for vulnerable endpoints by sending HTTP requests and verifying specific response patterns.
This repository provides a detailed technical analysis and demonstration of CVE-2023-27524, a Broken Object Level Authorization (BOLA) vulnerability. It includes vulnerable and fixed Flask API implementations to illustrate the vulnerability and its remediation.
This repository contains a scanner for detecting CVE-2023-27524, an authentication bypass vulnerability in Apache Superset. It checks for vulnerable endpoints by sending HTTP requests and verifying the presence of specific strings in the response.
This repository contains a technical analysis of CVE-2023-27524, an insecure default configuration in Apache Superset leading to authentication bypass. The writeup discusses the use of Flask's SECRET_KEY for session management and how default configurations can be exploited.
This PoC exploits CVE-2023-27524, an authentication bypass vulnerability in Apache Superset due to hardcoded SECRET_KEY values. It cracks the session cookie using known default keys and forges a new session to bypass authentication.
This PoC exploits CVE-2023-27524, an authentication bypass vulnerability in Apache Superset due to the use of default Flask SECRET_KEYs. It retrieves a session cookie, cracks it using known default keys, and forges a new session cookie to impersonate a user.
The repository contains functional exploit code for CVE-2023-27524, which is an authentication bypass vulnerability in Apache Superset. The exploit forges a session cookie using known default secret keys to bypass authentication and enumerate databases.
This repository contains a functional exploit for CVE-2023-27524, which leverages default Flask SECRET_KEYs in Apache Superset to forge session cookies, enabling authentication bypass. The script automates the process of retrieving a session cookie, cracking it using known default keys, and generating a forged cookie for admin access.
This repository contains a functional exploit for CVE-2023-27524, an authentication bypass vulnerability in Apache Superset. The exploit leverages default secret keys to forge a session cookie, allowing unauthorized access to admin privileges.
This repository contains a Python-based scanner for detecting CVE-2023-27524 in Apache Superset. It checks for vulnerable endpoints by sending HTTP requests and analyzing responses for specific indicators like 'database_name' and 'configuration_method'.
The repository contains a functional exploit for CVE-2023-27524, an unauthenticated access vulnerability in Apache Superset. The PoC decrypts session cookies using known secret keys and forges a new session cookie to bypass authentication.
This Metasploit module exploits CVE-2023-27524 by forging signed Flask session cookies in Apache Superset <= 2.0.0, allowing privilege escalation to admin and retrieval of database credentials.
Nuclei Templates (1)
html:"Apache Superset" || http.favicon.hash:1582430156 || http.html:"apache superset"
body="apache superset" || icon_hash=1582430156
References (5)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L