Exploit for Use of Less Trusted Source in Apache Http_Server CVE-2022-31813

Name: Exploit for Use of Less Trusted Source in Apache Http_Server CVE-2022-31813
Rating: 5 (338 reviews)
2025-05-21 | CVSS 9.8
## https://sploitus.com/exploit?id=D5084D51-C8DF-5CBA-BC26-ACF2E33F8E52
# CVE-2022-31813 Vulnerability Checker

**Author**: Derek Odiorne  
**GitHub**: [@dodiorne](https://github.com/dodiorne)  
**Version**: 1.2  
**Last Updated**: May 21, 2025  
**MITRE ATT&CK Technique**: [T1190 – Exploit Public-Facing Application](https://attack.mitre.org/techniques/T1190/)

---

## 🧠 Description

This tool is a **black-box vulnerability scanner** for detecting **CVE-2022-31813**, a path traversal and access control bypass vulnerability in **Apache HTTP Server ≤ 2.4.53** using `mod_proxy` and `ProxyPassMatch`.

It is designed for **penetration testers and red team operators** who want a non-intrusive and observable method to detect this vulnerability without requiring access to server configurations.

---

## 🚀 Features

- 🔍 Tests multiple bypass vectors using crafted HTTP requests
- ✅ Provides **clear vulnerability verdict** per host
- 🌈 **Color-coded terminal output** for fast interpretation
- 🖼 **Screenshots** each request via headless browser for forensics
- 📊 Logs all results into a structured **CSV report**
- 🛡 MITRE ATT&CK reference included for operational reporting

---

## 🧪 Tested On

- Python 3.8+
- Debian / Ubuntu / Kali Linux
- Google Chrome + ChromeDriver

---
## Install Requirements
pip install requests selenium pandas --break-system-packages
🛠️ Ensure ChromeDriver is installed and in your PATH.

⚙️ Usage
Scan a Single Host (port 80 by default)

python3 cve_2022_31813_checker.py -t example.com
Scan a Host on a Specific Port

python3 cve_2022_31813_checker.py -t example.com --port 8080
Scan Multiple Hosts
Create a targets.txt file:

example.com
192.168.1.10
web.server.org
Then run:

python3 cve_2022_31813_checker.py -f targets.txt --port 8000
📁 Output
After execution, you'll get a directory like:

cve_31813_output_20250521_153000/
├── results.csv

└── screenshots/

    ├── example_com_80__app_.._admin.png
    
    ├── ...

🚀 Example Usage
The script supports scanning single or multiple hosts, using either HTTP or HTTPS, with automatic fallback detection for HTTPS redirection.

🔹 Scan a Single Target (Default: HTTP on port 80)
python3 cve_2022_31813_checker.py -t example.com

🔹 Scan a Single Target on HTTPS (port 443)
python3 cve_2022_31813_checker.py -t example.com --scheme https --port 443

🔹 Scan a Single Target on a Custom Port (e.g., 8080)
python3 cve_2022_31813_checker.py -t example.com --port 8080

🔹 Scan Multiple Targets from a File
Create a targets.txt file like:
example.com
192.168.1.100
secure.company.org

python3 cve_2022_31813_checker.py -f targets.txt
python3 cve_2022_31813_checker.py -f targets.txt --scheme https --port 443