RCE 0-day for GhostScript 9.50 - Payload generator

Last update: Dec 14, 2022

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Demo

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

Just another web warrior ⚔️

GitHub Repository

A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

26 Sep 04, 2022

Hikvision 流媒体管理服务器敏感信息泄漏

Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url

13 Nov 09, 2022

A deobfuscator for multiple python obfuscators

PY4COC A deobfuscator for multiple python obfuscators, supports exe's packed with pyinstaller too. How to use python3 py4coc.py exe file or py file o

16 Dec 03, 2022

Log4j minecraft with python

log4jminecraft This code DOES NOT promote or encourage any illegal activities! The content in this document is provided solely for educational purpose

154 Dec 24, 2022

CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.

CVE-2021-43936 CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware. This vulnerability w

8 Jul 05, 2022

Exploit-CVE-2021-21086

CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an

23 Nov 09, 2022

ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

45 Dec 28, 2022

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

Apk Framework Detector

🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇

10 Dec 07, 2022

MTBLLS Ethical Hacking Tool Announcement of v2.0

MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl

2 Mar 19, 2022

A great and handy python obfuscator for protecting code.

Python Code Obfuscator A handy and necessary tool that can protect your code anytime! Mostly Command Line tool that will obfuscate your code. Features

5 Nov 18, 2022

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

Flask-SeaSurf SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF). CSRF vulnerabilities have been found in large and popular

183 Dec 28, 2022

POC using subprocess lib in Python 🐍

POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le

2 Nov 28, 2022

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effec

2 Mar 23, 2022

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the conte

96 Dec 20, 2022

RCE 0-day for GhostScript 9.50 - Payload generator

Related tags

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Demo

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

Hikvision 流媒体管理服务器敏感信息泄漏

A deobfuscator for multiple python obfuscators

Log4j minecraft with python

CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.

Exploit-CVE-2021-21086

ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

Apk Framework Detector

MTBLLS Ethical Hacking Tool Announcement of v2.0

A great and handy python obfuscator for protecting code.

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

POC using subprocess lib in Python 🐍

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

A forensic collection tool written in Python.

Used to build an XSS platform on the command line.

This respository contains the source code of the printjack and phonejack attacks.

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

This is a js front-end encryption blasting account and password tools

RCE 0-day for GhostScript 9.50 - Payload generator

Related tags

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>

Demo

Noted for php-imagemagick, sometime you must find the correct fd/<number>. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

Hikvision 流媒体管理服务器敏感信息泄漏

A deobfuscator for multiple python obfuscators

Log4j minecraft with python

CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.

Exploit-CVE-2021-21086

ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

Apk Framework Detector

MTBLLS Ethical Hacking Tool Announcement of v2.0

A great and handy python obfuscator for protecting code.

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

POC using subprocess lib in Python 🐍

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

A forensic collection tool written in Python.

Used to build an XSS platform on the command line.

This respository contains the source code of the printjack and phonejack attacks.

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

This is a js front-end encryption blasting account and password tools

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).