# SnipCommand 0.1.0 XSS&RCE漏洞
==EXP==
# Exploit Title: SnipCommand 0.1.0 - XSS to RCE # Exploit Author: TaurusOmar # Date: 04/05/2021 # CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H # Risk: High (8.8) # Vendor Homepage: https://github.com/gurayyarar/SnipCommand # Version: 0.1.0 # Tested on: Windows, Linux, MacOs # Software Description: Open source command snippets manager for organize and copy fast. It helps you create, organize and store your commands (Excel formulas, Sql Queries, Terminal commands, etc.) with dynamic parameters for quick copy to it. Describe your commands with dynamic parameters also support documentation about your snippets. You can select or specify your dynamic values using with selectbox/inputbox for ready to paste the workspace. You can organize with tags. # Vulnerability Description: The software allows you to store payloads in the form of files or as titles in their dynamic values, once the malicious code is entered, the payload will be executed immediately. The attacker can send a malicious file with the payload, when this file is opened, the chain will be executed successfully giving access to the the remote attacker to get remote execution on the computer. #Proof video https://imgur.com/a/I2reH1M # Payload: exec(Attacker Reverse netcat stolen => /etc/passwd) && exec(calc)
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容