Giters

That-Guy-Steve / CVE-2022-28368-handler

This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2022-28368-handler

This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request. It will even provide a trigger string to start the exploit :)

Usage

usage: CVE-2022-28368.py [-h] -d DOMPDF_LOCATION [-f FONTNAME] -i HTTP_IP [-p HTTP_PORT] [-P PHP] [-w] [-r]

This script handles the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request

optional arguments:
  -h, --help            show this help message and exit
  -d DOMPDF_LOCATION, --dompdf-location DOMPDF_LOCATION
                        dompdf location on target webserver (example: http://target.com/vendor/dompdf)
  -f FONTNAME, --fontname FONTNAME
                        Exploit font name (default: expfont.php)
  -i HTTP_IP, --http-ip HTTP_IP
                        HTTP listener IP
  -p HTTP_PORT, --http-port HTTP_PORT
                        HTTP listener PORT (default: 80)
  -P PHP, --php PHP     PHP to execute (default: <?php system("whoami"); ?>)
  -w, --webshell        Spawn web shell
  -r, --revshell        Spawn reverse shell (Uses HTTP listener IP and port 9001 by default)

See for technical details of the vulnerability:

https://positive.security/blog/dompdf-rce https://github.com/positive-security/dompdf-rce

About

This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request

Languages

Language:Python 100.0%