CVE-2023-34362
Tags: CRITICAL, KEV, RANSOMWARE, NUCLEI
MOVEit SQL Injection vulnerability
Title source: metasploit
Exploitation Summary
CVE-2023-34362 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 2, 2023, with confirmed use in ransomware campaigns.
EIP tracks 17 public exploits from researchers including horizon3ai, sfewer-r7 and Malwareman007, among them the Metasploit module exploits/windows/http/moveit_cve_2023_34362.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This PoC exploits CVE-2023-34362, a SQL injection vulnerability in MOVEit Transfer. It leverages session variable manipulation and a crafted JWT to achieve unauthorized access and execute arbitrary SQL commands.
Description
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this was exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Exploits (17)
This PoC exploits CVE-2023-34362, a SQL injection vulnerability in MOVEit Transfer. It leverages session variable manipulation and a crafted JWT to achieve unauthorized access and execute arbitrary SQL commands.
This is a functional exploit for CVE-2023-34362, targeting MOVEit Transfer's unauthenticated SQL injection and deserialization vulnerabilities to achieve remote code execution. The PoC leverages session manipulation and SQLi to execute arbitrary commands, with a default payload spawning 'notepad.exe'.
This PoC exploits CVE-2023-34362, a SQL injection vulnerability in MOVEit Transfer. It leverages session variable manipulation and a crafted JWT to achieve unauthorized access and execute arbitrary SQL commands.
This repository is a writeup tracking the impact of CVE-2023-34362, including affected organizations and domains discovered via SFTP header and cookie methods. It also provides a news ticker for MOVEit-related stories.
This is a functional exploit for CVE-2023-34362, targeting MOVEit Transfer's SQL injection vulnerability via session variable manipulation. It includes steps for CSRF token retrieval, session variable injection, and SQL command execution.
This repository contains a README file with disclaimers and references to IOCs (Indicators of Compromise) for CVE-2023-34362, a vulnerability in MOVEit software. It does not include exploit code or technical details of the vulnerability.
This script decrypts payloads from MOVEit Transfer logs by reconstructing the AES-256-CBC key and IV using the OrgKey 0 and static key components. It validates decryption success by comparing SHA1 hashes from the payload header.
This repository provides a technical writeup for CVE-2023-34362, a critical SQL injection vulnerability in MOVEit Transfer. It includes root cause analysis, attack timeline, and a structured methodology for vulnerability research.
This repository provides a detailed academic analysis of CVE-2023-34362, focusing on defensive detection techniques for SQL injection patterns in MOVEit Transfer. It includes a Python script and Sigma rule for log analysis but does not contain exploit code.
This repository provides a detailed analysis of the MOVEit Transfer data breach (CVE-2023-34362), focusing on the technical impact of unauthenticated SQL Injection. It is part of a CS50 Cybersecurity project and does not contain exploit code.
This repository contains a writeup about the MOVEit Transfer 2023 data breach involving CVE-2023-34362, a SQL injection vulnerability exploited by the Cl0p ransomware group. It provides incident details and course relevance but lacks exploit code or technical PoC.
This repository provides a comprehensive defense package for CVE-2023-34362, including detection rules, IOCs, and mitigation strategies for a critical SQL Injection and RCE vulnerability in Progress MOVEit Transfer.
The repository contains a Burp Suite extension for exploiting CVE-2021-26855, an SSRF vulnerability in Microsoft Exchange Server. The extension includes functionality to check for vulnerability and perform the attack by sending crafted requests.
This is a functional exploit for CVE-2023-34362, targeting MOVEit Transfer. It leverages unauthenticated SQL injection to create a sysadmin account, then uses deserialization to achieve remote code execution (RCE).
This repository contains a README linking to a video analysis of CVE-2023-34362, a vulnerability in MOVEit software. No exploit code or technical PoC is provided.
This Metasploit module exploits an SQL injection vulnerability in MOVEit Transfer to gain unauthorized database access and potentially execute a .NET deserialization payload for RCE.
Nuclei Templates (1)
Favicon fingerprint queries for the MOVEit Transfer web interface:
Shodan: http.favicon.hash:989289239
FOFA: icon_hash=989289239
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H