Open vr-ct opened 1 month ago
Thanks for responding! I was referring to the python poc here: https://github.com/skilfoy/CVE-2024-4323-Exploit-POC
I tried this on an Ubuntu 22.04 system with /bin/bash as the code. Perhaps I’m doing this wrong? I can get the service to crash in 2-3 attempts using the Tenable poc.
Best regards, Venky
Venky Raju | CISSP CCSP Field CTO | ColorTokens Inc. (408) 667-4426 | https://calendly.com/venky-raju/30min
From: Sean Kilfoy @.> Date: Friday, May 31, 2024 at 8:12 AM To: skilfoy/CVE-2024-4323-Exploit-POC @.> Cc: Venky Raju @.>, Author @.> Subject: Re: [skilfoy/CVE-2024-4323-Exploit-POC] OS and arch? (Issue #1) [CAUTION: This Email is from outside the Organization. Unless you trust the sender, Don’t click links or open attachments as it may be a Phishing email, which can steal your Information and compromise your Computer.]
This exploit is written in bash, so it's not working on Windows unless you're using WSL.
— Reply to this email directly, view it on GitHubhttps://protect.checkpoint.com/v2/___https:/github.com/skilfoy/CVE-2024-4323-Exploit-POC/issues/1%23issuecomment-2142474952___.YzJ1OmNvbG9ydG9rZW5zaW5jOmM6bzo0MmM1YWMyZjNkM2Y4NWU2YmNlNzc2OTkyZDBiMWZjZjo2OjNjNmU6NjlkZDhjZGFjODUwZmM0OGI4OGViMjY2MzZkYWQyMWRhYWYwMDYyZWM2OTRiMzQyNmM3MGFiZTNjMTAwMDcyNTpoOlQ, or unsubscribehttps://protect.checkpoint.com/v2/___https:/github.com/notifications/unsubscribe-auth/AX3BQV2NTCVH7BDI7QIVAM3ZFCHK7AVCNFSM6AAAAABID72RKWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBSGQ3TIOJVGI___.YzJ1OmNvbG9ydG9rZW5zaW5jOmM6bzo0MmM1YWMyZjNkM2Y4NWU2YmNlNzc2OTkyZDBiMWZjZjo2OjJjNjA6MjQ3YWZmYjhmYjczZTFmNGQxMWQ0MjZhY2NjMzA1NWNlYTMzYjEwNmFiMzdmNTJkNjY0Nzg4YzhjMDY5NDMwMjpoOlQ. You are receiving this because you authored the thread.Message ID: @.***>
“This email may contain confidential and privileged information intended only for specific purpose and recipient(s). If you are not the intended recipient, kindly delete this message instantly and inform us at @.*** Any disclosure, copying, or distribution of this email, is strictly prohibited.”
Does the RCE exploit only work on Windows?