kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition

• Exploit Database
• 46 阅读

• 作者： Mohammad Reza Omrani
  日期： 2024-03-05
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/51859/

• # Exploit Title: kk Star Ratings < 5.4.6 - Rating Tampering via Race
  Condition
  # Google Dork: inurl:/wp-content/plugins/kk-star-ratings/
  # Date: 2023-11-06
  # Exploit Author: Mohammad Reza Omrani
  # Vendor Homepage: https://github.com/kamalkhan
  # Software Link: https://wordpress.org/plugins/kk-star-ratings/
  # WPScan :
  https://wpscan.com/vulnerability/6f481d34-6feb-4af2-914c-1f3288f69207/
  # Version: 5.4.6
  # Tested on: WordPress 6.2.2
  # CVE : CVE-2023-4642
  
  # POC:
  1- Install and activate kk Star Ratings.
  2- Go to the page that displays the star rating.
  3- Using Burp and the Turbo Intruder extension, intercept the rating
  submission.
  4- Send the request to Turbo Intruder using Action > Extensions > Turbo
  Intruder > Send to turbo intruder.
  5- Drop the initial request and turn Intercept off.
  6- In the Turbo Intruder window, add "%s" to the end of the connection
  header (e.g. "Connection: close %s").
  7- Use the code `examples/race.py`.
  8- Click "Attack" at the bottom of the window. This will send multiple
  requests to the server at the same moment.
  9- To see the updated total rates, reload the page you tested.