CVE-2022-39197 PoC — HelpSystems Cobalt Strike 跨站脚本漏洞

Source

https://github.com/adeljck/CVE-2022-39197

Associated Vulnerability

Title:HelpSystems Cobalt Strike 跨站脚本漏洞 (CVE-2022-39197)
Description:HelpSystems Cobalt Strike是美国HelpSystems公司的一个渗透测试软件。 HelpSystems Cobalt Strike 4.7及之前版本存在跨站脚本漏洞，该漏洞源于XSS（跨站脚本）漏洞，允许远程攻击者在Cobalt Strike团队服务器上执行HTML。

Description

CVE-2022-39197

Readme

# **CVE-2022-39197 RCE POC**


### Reference Links

[https://mp.weixin.qq.com/s/Eb0pQ-1ebLSKPUFC7zS6dg](https://mp.weixin.qq.com/s/Eb0pQ-1ebLSKPUFC7zS6dg) — There’s a great in depth analysis of this vulnerability
[https://www.agarri.fr/blog/archives/2012/05/11/svg_files_and_java_code_execution/index.html](https://www.agarri.fr/blog/archives/2012/05/11/svg_files_and_java_code_execution/index.html)

File Snapshot


 [4.0K]  /data/pocs/3cfad03e6385aa379f0ec9d7278fd3b2645b588b
├── [1.5K]  cve-2022-39197.py
├── [4.0K]  EvilJar
│   ├── [4.0K]  META-INF
│   │   └── [  50]  MANIFEST.MF
│   ├── [1.9K]  pom.xml
│   └── [4.0K]  src
│       └── [4.0K]  main
│           └── [4.0K]  java
│               └── [1.2K]  Exploit.java
├── [4.0K]  images
│   └── [144K]  1.jpg
├── [ 403]  README.md
├── [  11]  requirements.txt
└── [4.0K]  serve
    └── [ 226]  evil.svg

7 directories, 8 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!