Skip to content

br0xpl/gotenberg_hack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
Module1.xba
Module1.xba
 
 
README.md
README.md
 
 
e
e
 
 
findprofile.html
findprofile.html
 
 
findsploit.html
findsploit.html
 
 
go.sh
go.sh
 
 
index.html
index.html
 
 
o.ods
o.ods
 
 
registrymodifications.xcu
registrymodifications.xcu
 
 

Repository files navigation

PoC code for exploiting Gotenberg 2020 vulnerabilities

Refer to CVE-2020-13449, CVE-2020-13450, CVE-2020-13451, CVE-2020-13452: https://sploit.tech/2020/12/29/Gotenberg.html

Write-up:

Instructions

  1. Run gotenberg version 6.2.0 or earlier:
$ docker run --rm -p 3000:3000 --name gotenberg thecodingmachine/gotenberg:6.2.0
  1. Execute the exploit with proper url:
$ ./go.sh http:https://localhsot:3000

  1. Grab a coffee and wait.

  2. When script prints "Executed!" message you can check the /tmp/hacked file, check if it's there:

$ docker exec gotenberg bash -c "cat /tmp/hacked"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages