Sonatype Nexus Repository <3.68.1 - Path Traversal
Exploitation Summary
EIP tracks 18 public exploits for CVE-2024-4956. PoCs published by VeryLazyTech, ifconfig-me, verylazytech. A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit leverages a path traversal vulnerability in Sonatype Nexus Repository 3.53.0-01 to read sensitive files like /etc/passwd and /etc/shadow. It uses URL-encoded traversal sequences to bypass restrictions and retrieve file contents.
Description
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.
Exploits (18)
This exploit leverages a path traversal vulnerability in Sonatype Nexus Repository 3.53.0-01 to read sensitive files like /etc/passwd and /etc/shadow. It uses URL-encoded traversal sequences to bypass restrictions and retrieve file contents.
This repository contains a bulk scanner for CVE-2024-4956, a path traversal vulnerability in Nexus Repository. The scanner tests multiple domains and payloads to detect vulnerable instances by checking for the presence of 'root:' in the response, indicating successful file disclosure.
The repository contains a functional Python script that exploits CVE-2024-4956, a path traversal vulnerability in Nexus Repository Manager 3, allowing unauthenticated access to sensitive files like /etc/passwd and /etc/shadow. The script sends crafted HTTP requests with encoded traversal sequences to retrieve file contents.
This repository contains a functional Python script for exploiting CVE-2024-4956, a path traversal vulnerability. The script automates testing file paths, saving retrieved content, and includes a test mode to verify vulnerability presence.
This repository contains a Python-based scanner for CVE-2024-4956, designed to detect vulnerable endpoints by checking for the presence of '/etc/passwd' in HTTP responses. It includes features like Telegram notifications and bulk URL scanning but does not include exploit code for active exploitation.
This repository contains a functional exploit PoC for CVE-2024-4956, a directory traversal vulnerability in Nexus Repository Manager 3. The exploit uses a crafted HTTP request to access sensitive files (e.g., /etc/passwd) and includes a Python script for automated scanning.
The repository contains a functional Nuclei template and PoC for CVE-2024-4956, demonstrating an unauthenticated path traversal vulnerability in Nexus Repository Manager 3. The exploit leverages URL-encoded traversal sequences to access sensitive system files like /etc/passwd.
This YAML file is a Nuclei template designed to detect a directory traversal vulnerability (CVE-2024-4956) by attempting to access /etc/passwd via a crafted HTTP request. It does not contain exploit code but serves as a detection mechanism for the vulnerability.
This repository contains a functional hash cracker for Apache Shiro hashes, specifically designed to exploit CVE-2024-4956 by cracking password hashes extracted from Nexus Repository's OrientDB files. The tool is written in Go and implements the SHA-512 hashing algorithm with salt and iterations as used by Apache Shiro.
The repository contains a functional Nuclei template and PoC for CVE-2024-4956, demonstrating an unauthenticated path traversal vulnerability in Nexus Repository Manager 3. The exploit leverages URL-encoded traversal sequences to access sensitive system files like /etc/passwd.
This repository contains functional exploit code for CVE-2024-4956, a path traversal vulnerability in Sonatype Nexus Repository Manager. The exploits (Bash and Python) craft a URL to bypass authentication and retrieve arbitrary system files.
This repository contains a functional proof-of-concept for CVE-2024-4956, demonstrating a path traversal vulnerability in Nexus Repository Manager. The exploit uses URL-encoded sequences to access sensitive files like /etc/passwd.
The repository contains a Nuclei template for detecting CVE-2024-4956, an unauthenticated path traversal vulnerability in Nexus Repository Manager 3. The template sends a crafted GET request to retrieve /etc/passwd and checks for the presence of the root user entry.
This repository contains a functional exploit for CVE-2024-4956, a path traversal vulnerability in Nexus Repository 3 versions ≤ 3.68.0. The exploit demonstrates arbitrary file read via crafted URLs, including a script to fetch /etc/passwd and a flag file.
This repository contains a functional Python script that exploits CVE-2024-4956, a path traversal vulnerability in Sonatype Nexus Repository 3.68.0-04, allowing local file inclusion (LFI) via crafted URL paths. The script takes a target URL and file path as arguments, constructs a malicious request with traversal sequences, and retrieves the file contents if vulnerable.
The repository contains a Python script that checks for the presence of the string 'root' in the response from a crafted URL, indicating a potential vulnerability in Sonatype Nexus. It does not exploit the vulnerability but scans for its presence.
This repository contains a Python-based scanner for detecting CVE-2024-4956, an unauthenticated path traversal vulnerability. It sends crafted HTTP requests to check for the presence of the vulnerability by attempting to read '/etc/passwd' via path traversal sequences.
This repository contains a functional exploit for CVE-2024-4956, demonstrating a Local File Inclusion (LFI) vulnerability in Nexus Repository Manager 3. The exploit uses path traversal techniques to access sensitive files like /etc/passwd.
Nuclei Templates (1)
title="Nexus Repository Manager" || title="nexus repository manager"
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N