CVE-2018-6574 PoC — Google Go 安全漏洞

Source

https://github.com/zerbaliy3v/cve-2018-6574-exploit

Associated Vulnerability

Title:Google Go 安全漏洞 (CVE-2018-6574)
Description:Google Go是美国谷歌（Google）公司的一种针对多处理器系统应用程序的编程进行了优化的编程语言。 Google Go 1.8.7之前版本、1.9.4之前的1.9.x版本和1.10rc2之前的1.10 pre-releases版本中存在安全漏洞。远程攻击者可利用该漏洞执行命令。

Description

CVE-2018-6574 this vulnerability impacts Golang go get command and allows an attacker to gain code execution on a system by installing a malicious library, this vulnerability was fixed in Go 1.8. 7, 1.9. 4 and 1.10rc2. Golang will build native extensions.

Readme

# cve-2018-6574-exploit
```
gcc -shared -o attack.so -fPIC attack.c
go get github.com/zerbaliy3v/cve-2018-6574-exploit
```

File Snapshot


 [4.0K]  /data/pocs/b46a5a83329c98a35252759183a26f30ad894d67
├── [ 145]  attack.c
├── [ 333]  main.go
└── [ 123]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!