MinIO < RELEASE.2023-03-20T20-16-18Z - Info Disclosure
Exploitation Summary
CVE-2023-28432 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 21, 2023.
EIP tracks 20 public exploits from researchers including MzzdToT, Mr-xn and acheiii; among them is a Metasploit module, `auxiliary/gather/minio_bootstrap_verify_info_disc`.
A Nuclei detection template is also available.
Description
Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.
Exploits (20)
This repository contains a functional Python script that exploits CVE-2023-28432, an information disclosure vulnerability in MinIO. The exploit sends a crafted HTTP POST request to the `/minio/bootstrap/v1/verify` endpoint to leak environment variables, including sensitive credentials like `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`.
This repository contains a functional Nuclei template for CVE-2023-28432, which exploits an information disclosure vulnerability in MinIO's cluster deployment. The exploit sends a POST request to the `/minio/bootstrap/v1/verify` endpoint to retrieve sensitive environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`.
The repository contains a functional PoC for CVE-2023-28432, an information disclosure vulnerability in MinIO. The script sends a POST request to the `/minio/bootstrap/v1/verify` endpoint and checks for the presence of sensitive environment variables (`MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`) in the response.
This repository contains a Go-based scanner for detecting CVE-2023-28432, a MinIO sensitive information disclosure vulnerability. It sends a POST request to the `/minio/bootstrap/v1/verify` endpoint and checks for a 200 OK response to determine if the target is vulnerable.
The repository lacks actual exploit code and instead provides vague descriptions and external links, which is characteristic of a social engineering lure. No technical details or PoC code are included.
This repository contains a functional Python exploit for CVE-2023-28432, which targets Minio's environment variable disclosure vulnerability. The script sends a POST request to the `/minio/bootstrap/v1/verify` endpoint and extracts sensitive environment variables like `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`.
This repository contains a Python script that checks for the presence of CVE-2023-28432, an information disclosure vulnerability in MinIO. The script sends a POST request to a specific endpoint and checks the response for indicators of the vulnerability.
This script exploits CVE-2023-28432, an information disclosure vulnerability in MinIO, by sending a POST request to the `/minio/bootstrap/v1/verify` endpoint to leak `MINIO_ROOT_USER` and `MINIO_ROOT_PASSWORD` credentials. It supports both single URL and batch file processing, with results exported to an Excel file.
This repository contains a Python script that scans for CVE-2023-28432, an information disclosure vulnerability in MinIO. It checks for the presence of sensitive environment variables (`MINIO_ROOT_PASSWORD` and `MINIO_ROOT_USER`) in the response from the MinIO API endpoint.
The repository contains a functional Python script that exploits CVE-2023-28432 in MinIO by sending a crafted POST request to the `/minio/bootstrap/v1/verify` endpoint to leak sensitive environment variables. The exploit is straightforward and demonstrates the vulnerability effectively.
This repository contains a functional Python script that exploits CVE-2023-28432, an information disclosure vulnerability in MinIO. The exploit sends a crafted POST request to the `/minio/bootstrap/v1/verify` endpoint to retrieve sensitive environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`.
This repository contains a Go-based GUI tool that checks for CVE-2023-28432, a MinIO information disclosure vulnerability. It sends a POST request to the `/minio/bootstrap/v1/verify` endpoint and analyzes the response to determine vulnerability status.
This repository contains a functional exploit for CVE-2023-28432, an information disclosure vulnerability in MinIO. The script sends a POST request to a specific endpoint to retrieve MinIO environment variables, including root credentials.
The repository lacks actual exploit code and instead redirects to external sources (GitHub and Yuque) for details. It mentions a backdoor mechanism but provides no technical implementation or analysis.
This repository contains a Metasploit auxiliary module that scans for CVE-2023-28432, an information disclosure vulnerability in MinIO. The script checks for the presence of sensitive environment variables by sending a crafted request to the vulnerable endpoint.
This repository contains a Go-based scanner for detecting CVE-2023-28432, an information disclosure vulnerability in MinIO. The tool sends a POST request to the `/minio/bootstrap/v1/verify` endpoint and checks for the presence of `MinioEnv` in the response to determine vulnerability.
This repository contains a JavaFX-based tool for detecting and exploiting CVE-2023-28432, a sensitive information disclosure vulnerability in MinIO. The tool sends a crafted POST request to the `/minio/bootstrap/v1/verify` endpoint to leak environment variables like `MINIO_ROOT_USER` and `MINIO_ROOT_PASSWORD`.
This Python script exploits CVE-2023-28432, an information disclosure vulnerability in MinIO, by sending a crafted POST request to the `/minio/bootstrap/v1/verify` endpoint to leak root credentials (`MINIO_ROOT_USER`/`PASSWORD` or `MINIO_ACCESS_KEY`/`SECRET_KEY`). It supports both single URL and bulk file input with multithreading for efficiency.
This repository provides Docker Compose configurations to test CVE-2023-28432, an information disclosure vulnerability in MinIO clusters. It includes vulnerable and non-vulnerable setups to demonstrate the issue.
This Metasploit module exploits an information disclosure vulnerability in MinIO (CVE-2023-28432) by sending a POST request to the `/minio/bootstrap/v1/verify` endpoint, which returns environment variables including sensitive credentials like `MINIO_ROOT_PASSWORD`.
Nuclei Templates (1)
title:"Minio Console" || http.title:"minio browser" || cpe:"cpe:2.3:a:minio:minio" || http.title:"minio console"
app="Minio" || app="minio" || title="minio browser" || title="minio console"
References (6)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N