{"id":19273186,"url":"https://github.com/exfil0/test_iconv","last_synced_at":"2026-06-15T12:31:34.284Z","repository":{"id":242609372,"uuid":"810040956","full_name":"exfil0/test_iconv","owner":"exfil0","description":"This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.","archived":false,"fork":false,"pushed_at":"2024-06-04T00:22:13.000Z","size":8,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-23T20:41:52.310Z","etag":null,"topics":["buffer","cve","cve-202402961","glibc","iconv","overflow","pentest","test","vulnerability"],"latest_commit_sha":null,"homepage":"https://karimjaber.net","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/exfil0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-03T23:53:43.000Z","updated_at":"2024-06-04T00:22:16.000Z","dependencies_parsed_at":"2024-06-04T02:02:49.948Z","dependency_job_id":"e125dfb3-bd0b-46e9-b698-6be982a8abca","html_url":"https://github.com/exfil0/test_iconv","commit_stats":null,"previous_names":["exfil0/test_iconv"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/exfil0/test_iconv","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/exfil0%2Ftest_iconv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/exfil0%2Ftest_iconv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/exfil0%2Ftest_iconv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/exfil0%2Ftest_iconv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/exfil0","download_url":"https://codeload.github.com/exfil0/test_iconv/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/exfil0%2Ftest_iconv/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34363537,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-15T02:00:07.085Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["buffer","cve","cve-202402961","glibc","iconv","overflow","pentest","test","vulnerability"],"created_at":"2024-11-09T20:41:22.808Z","updated_at":"2026-06-15T12:31:34.258Z","avatar_url":"https://github.com/exfil0.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Testing CVE-2024-2961 (V1 - Under Analysis)\n\nThis repository contains a C program to test for CVE-2024-2961, which involves a buffer overflow vulnerability in the `iconv()` function of the GNU C Library (glibc). Due to the structure of PHP’s heap, this overflow can be exploited to modify part of a free list pointer, ultimately providing an arbitrary write primitive within the program’s memory. Consequently, any attacker with a file read vulnerability and a controlled prefix on a PHP application can achieve RCE. Similarly, forcing PHP to call iconv() with controlled parameters grants the attacker the same capability.\n\n## Prerequisites\n\n- A system with glibc version 2.39 or older.\n- GCC (GNU Compiler Collection) installed.\n- `iconv` library installed.\n\n## Steps to Test\n\n### 1. Check glibc Version\n\nEnsure that your system has glibc version 2.39 or older:\n\n```bash\nldd --version\n```\n\n### 2. Clone the Repository\n\nClone this repository to your local machine:\n\n```bash\ngit clone https://github.com/exfil0/test_iconv.git\ncd test_iconv\n```\n\n### 3. Compile the Program\n\nUse GCC to compile the C program:\n\n```bash\ngcc -o test_iconv test_iconv.c -liconv\n```\n\n### 4. Run the Program\n\nExecute the compiled program:\n\n```bash\n./test_iconv\n```\n\n### 5. Analyze the Results\n\n- If the program crashes or behaves unexpectedly, it might be an indication of the buffer overflow.\n- Use debugging tools like `gdb` to analyze the crash and confirm if it is related to the vulnerability.\n\n### Optional: Debugging with GDB\n\nIf you encounter a crash, you can use `gdb` to get more details:\n\n```bash\ngdb ./test_iconv\n```\n\nWithin GDB, run the program:\n\n```gdb\nrun\n```\n\nIf the program crashes, you can inspect the state of the program:\n\n```gdb\nbt\n```\n\nThis will give you a backtrace of the crash, which can help in diagnosing if the overflow is due to the CVE.\n\n### Optional: Using Sanitizers\n\nCompile the program with AddressSanitizer to catch the overflow:\n\n```bash\ngcc -fsanitize=address -o test_iconv test_iconv.c -liconv\n./test_iconv\n```\n\nAddressSanitizer will provide detailed information if there is a buffer overflow.\n\n## Mitigation\n\nIf the vulnerability is confirmed, consider updating glibc to a version where this issue is patched. You can download and install the latest version from the GNU project's website or your distribution's package manager.\n\n## Research\n\nFor more details on this vulnerability, you can read the following research article:\n[GLIBC Flaw CVE-2024-2961 Opens Door to RCE, PoC Exploit Published](https://securityonline.info/glibc-flaw-cve-2024-2961-opens-door-to-rce-poc-exploit-published/)\n\n## Disclaimer\n\nThis code is for educational and testing purposes only. Do not use it on systems without proper authorization.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fexfil0%2Ftest_iconv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fexfil0%2Ftest_iconv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fexfil0%2Ftest_iconv/lists"}