CVE-2018-9948 PoC — Foxit Reader 安全漏洞

Source

https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958

Associated Vulnerability

Title:Foxit Reader 安全漏洞 (CVE-2018-9948)
Description:Foxit Reader是中国福昕（Foxit）软件公司的一款PDF文档阅读器。 Foxit Reader 9.0.0.29935版本存在安全漏洞，该漏洞源于程序在访问指针前，没有正确的初始化该指针。远程攻击者可借助恶意的页面或文件利用该漏洞泄漏敏感信息。

Description

Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap

Readme

# Custom Exploit : Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap
My Custom Exploit : Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958 Custom exploit for Win 7
* Has space for shellcode 
* My custom ROP chain makes space for shellcode in the heap
* For Win 7

File Snapshot


 [4.0K]  /data/pocs/d9d27021bd8900524a581bba7736db4af104e30a
├── [8.0K]  foxit-download-exe.txt
├── [8.7K]  FoxitReader-custom-exploit-virtualalloc-shellcode.py
├── [7.4K]  foxit-reverse-shell-p80
├── [ 34K]  LICENSE
└── [ 327]  README.md

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!