CVE-2019-11932 PoC — Facebook WhatsApp 资源管理错误漏洞

Source

https://github.com/TulungagungCyberLink/CVE-2019-11932

Associated Vulnerability

Title:Facebook WhatsApp 资源管理错误漏洞 (CVE-2019-11932)
Description:Facebook WhatsApp是美国Facebook公司的一套利用网络传送短信的移动应用程序。该应用程序通过智能手机中的联络人信息，查找使用该软件的联络人传送文字、图片等。基于Android平台的Facebook WhatsApp 2.19.244之前版本中的libpl_droidsonroids_gif 1.2.18之前版本的decoding.c文件的DDGifSlurp函数存在资源管理错误漏洞。远程攻击者可利用该漏洞执行任意代码或造成拒绝服务。

Description

Double-Free BUG in WhatsApp exploit poc.

Readme

# CVE-2019-11932
 Double-Free bug in WhatsApp exploit poc.
 
 #Note: Make sure to set the listner ip in exploit.c inorder to get shell
 
 - nc -lvp 1337 or whatever port.
 
 - and then compile.
 
 - make
 
 - or 
 
 - gcc -o exploit egif_lib.c exploit.c
 
 - then run ./exploit and save the content to <filename>.gif
 
 - and send to victim.
 
 ### Source
 https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/.
 
 ### Poc_Video
 https://drive.google.com/file/d/1XP7K5zkKEhmbEONvRpjrkTQ5pwpBc6G_/view?usp=sharing
         
 
 
 I don't own this , if you have issues please contact the owner

File Snapshot


 [4.0K]  /data/pocs/5e3d028489f547c8b23e0123c1f23c534315c20c
├── [3.3K]  egif_lib.c
├── [5.2K]  exploit.c
├── [ 11K]  gif_lib.h
├── [1.2K]  LICENSE
├── [  42]  MakeFile
└── [ 609]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!