CVE-2020-21365 PoC — wkhtmltopdf 路径遍历漏洞

Source

https://github.com/andrei2308/CVE-2020-21365-PoC

Associated Vulnerability

Title:wkhtmltopdf 路径遍历漏洞 (CVE-2020-21365)
Description:wkhtmltopdf是wkhtmltopdf开源的一个库。用于将 HTML 转换为 PDF。 wkhtmltopdf 0.12.5版本及之前版本存在安全漏洞。远程攻击者利用该漏洞读取本地文件并通过特制的 html 文件泄露敏感信息。

Description

PoC for directory traversal and exposure on wkhtmltopdf 12.0.5

File Snapshot


 [4.0K]  /data/pocs/3cf7e4bb9f305b97a24f3e64b4ea43676bfc2e37
└── [ 132]  index.html

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!