RCE 0-day for GhostScript 9.50 - Payload generator

Last update: Dec 14, 2022

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Demo

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

Just another web warrior ⚔️

GitHub Repository

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

53 Nov 01, 2022

A brute Force tool for Facebook

EliBruter A brute Force tool for Facebook Installing this tool -- $ pkg upgrade && update $ pkg install python $ pkg install python3 $ pkg install gi

3 Mar 29, 2022

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

48 Dec 03, 2022

This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

25 Dec 04, 2022

MozDef: Mozilla Enterprise Defense Platform

MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def

2.2k Jan 08, 2023

Extensive Python3 network scanner, simplified.

Snake Map Extensive Python3 network scanner, simplified. _,.--. --..,_ .'`__ o `;__, `'.'. .'.'` '---'` '

4 Apr 16, 2022

Omega - From Wordpress admin to pty

The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.

12 Nov 09, 2022

Python script to tamper with pages to test for Log4J Shell vulnerability.

log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static

8 Oct 20, 2022

Script Crack Facebook Elite 🚶‍♂

elite Script Crack Facebook Elite 🚶‍♂ Install Script $ pkg update && pkg upgrade $ termux-setup-storage $ pkg install git $ pkg install python $ pip

1 Jan 02, 2022

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co

396 Jan 08, 2023

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

FOSSLight Scanner Analyze at once for Open Source Compliance. FOSSLight Scanner performs open source analysis after downloading the source by passing

8 Nov 03, 2022

It's a simple tool for test vulnerability shellshock

Shellshock, also known as Bashdoor, is a family of security bugs in the Unix Bash shell, the first of which was disclosed on 24 September 2014. Shellshock could enable an attacker to cause Bash to ex

88 Dec 23, 2022

Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software in packages called containers However, 'security' is a top request on Docker's public roadmap This project aims at vulnerability check for such docker containers. New contributions are accepted

Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i

103 Aug 20, 2022

RCE 0-day for GhostScript 9.50 - Payload generator

Related tags

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Demo

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

A brute Force tool for Facebook

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

MozDef: Mozilla Enterprise Defense Platform

Extensive Python3 network scanner, simplified.

Omega - From Wordpress admin to pty

Python script to tamper with pages to test for Log4J Shell vulnerability.

Script Crack Facebook Elite 🚶‍♂

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

It's a simple tool for test vulnerability shellshock

Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

这次是可可萝病毒！

Crypto Meta Extractor

script that pulls cve collections from NVD.NIST.GOV.

A curated list of amazingly awesome Cybersecurity datasets

A small Python Script To get all levels of subdomains from a list

RCE 0-day for GhostScript 9.50 - Payload generator

Related tags

Overview

RCE-0-day-for-GhostScript-9.50

PoC for RCE 0-day for GhostScript 9.50 - Payload generator

The PoC in python generates payload when exploited for a 0-day of GhostScript 9.50. This 0-day exploit affect to ImageMagick with the default settings from Ubuntu repository (Tested with default settings of ImageMagick on Ubuntu 20.04)

This project is created only for educational purposes and cannot be used for law violation or personal gain.

The author of this project is not responsible for any possible harm caused by the materials of this project.

Original finding and awesome research from Emil Lerner: https://twitter.com/emil_lerner/status/1430502815181463559

Usage: python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>

Demo

Noted for php-imagemagick, sometime you must find the correct fd/<number>. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).

Owner

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

A brute Force tool for Facebook

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

MozDef: Mozilla Enterprise Defense Platform

Extensive Python3 network scanner, simplified.

Omega - From Wordpress admin to pty

Python script to tamper with pages to test for Log4J Shell vulnerability.

Script Crack Facebook Elite 🚶‍♂

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

It's a simple tool for test vulnerability shellshock

Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

这次是可可萝病毒！

Crypto Meta Extractor

script that pulls cve collections from NVD.NIST.GOV.

A curated list of amazingly awesome Cybersecurity datasets

A small Python Script To get all levels of subdomains from a list

Usage: `python IM-RCE-via-GhostScript-9.5.py <CMD> <Exploit-File>`

Noted for php-imagemagick, sometime you must find the correct `fd/<number>`. The easiest way for doing this stuff is fuzzylogic and something like this (Tested with Ubuntu 20.04 and default php-imagemagick installed).