CVE-2021-22204 PoC — exiftool 代码注入漏洞

Source

https://github.com/Akash7350/CVE-2021-22204

Associated Vulnerability

Title:exiftool 代码注入漏洞 (CVE-2021-22204)
Description:exiftool是一个应用软件。使元数据更易于访问。 ExifTool 7.44版本及之前版本存在代码注入漏洞，该漏洞允许在解析恶意图像时任意执行代码。

Readme

# CVE-2021-22204

## Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code Execution

# Exploit Description

Use this exploit to generate a JPEG image payload that can be used with a vulnerable ExifTool version for code execution. A custom command can be provided or a reverse shell can be generated. A JPEG image is automatically generated, and optionally, a custom JPEG image can be supplied to have the payload inserted.

File Snapshot


 [4.0K]  /data/pocs/e8fc48c2903665923526b5ca478d945a88c30d23
├── [1.9K]  exploit.py
└── [ 425]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!