CVE-2018-17961 PoC — Artifex Ghostscript 安全漏洞

Source

https://github.com/matlink/CVE-2018-17961

Associated Vulnerability

Title:Artifex Ghostscript 安全漏洞 (CVE-2018-17961)
Description:Artifex Ghostscript是美国Artifex Software公司的一款开源的PostScript（一种用于电子产业和桌面出版领域的页面描述语言和编程语言）解析器，它可显示Postscript文件以及在非Postscript打印机上打印Postscript文件。 Artifex Ghostscript 9.25及之前版本中存在安全漏洞。攻击者可利用该漏洞绕过沙盒防御机制。

Readme

- build the image
- run the container with port forwarding
- ssh -X into it
- run evince executeonly_bypass.ps
- check exploit has written into ~/.bashrc

File Snapshot


 [4.0K]  /data/pocs/d9d23b59b4837118741f6770505e9cb5c0461a71
├── [1.2K]  Dockerfile
├── [2.0K]  executeonly_bypass_ps.bin
└── [ 154]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!