Giters

aslitsecurity / Zimbra-CVE-2022-30333

Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Zimbra-CVE-2022-30333

Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.

CVE-2022-30333 Zimbra UNRAR vulnerability. Unrar till V 6.11 vulnerable. Make sure your .jsp shell is undetected. This exploit will work on zimbra installed on default path.

Place your webshell in folder root_ver. Remove existing shell.jsp file. And then rar the root_ver folder. Not ZIP, only rar. Then python CVE-2022-30333.py root_ver.rar output.rar. Output.rar is the file you need to send.

Do not add more than 1 file on root_ver/ folder.

It can take few minutes for the shell to be extracted, or sometimes email is delivered late.

Your shell will be extracted at domain.com/yourshellname.jsp

About

Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.

Languages

Language:Python 99.9%Language:Java 0.1%