Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-21315 PoC — Systeminformation 操作系统命令注入漏洞

Source
https://github.com/MazX0p/CVE-2021-21315-exploit
Associated Vulnerability
Title:Systeminformation 操作系统命令注入漏洞 (CVE-2021-21315)
Description:Systeminformation中存在操作系统命令注入漏洞,该漏洞源于外部输入数据构造操作系统可执行命令过程中,网络系统或产品未正确过滤其中的特殊字符、命令等。攻击者可利用该漏洞执行非法操作系统命令。
Description
systeminformation
Readme
# CVE-2021-21315 Exploit
- Des:


My python Script to exploit system Information Library for Node.JS (npm package "systeminformation"). npmjs.com/systeminformation


I thought this POC will not show real world impact, But it'll be cool in CTF's
File Snapshot

 [4.0K]  /data/pocs/2b7080dab18df412425c8ebae92840098caea2a0
├── [1.8K]  CVE-2021-21315-exploit.py
└── [ 245]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.