Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-7384 PoC — Client-Side Command Injection in Rapid7 Metasploit

Source
https://github.com/0xCarsonS/CVE-2020-7384
Associated Vulnerability
Title:Client-Side Command Injection in Rapid7 Metasploit (CVE-2020-7384)
Description:Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine.
Readme
# CVE-2020-7384

This is an exploit made in bash for CVE-2020-7384.
</br>It is a modification of nikhil1232's code here: https://github.com/nikhil1232/CVE-2020-7384/blob/main/CVE-2020-7384.sh
</br></br>My goal was to make the exploit easier to run, along with adding a few QOL improvements.

## Usage
#### <code>bash CVE-2020-7384.sh</code>

![Image](https://github.com/0xCarsonS/CVE-2020-7384/blob/main/index.png?raw=true)</br></br>
File Snapshot

 [4.0K]  /data/pocs/56b772b3b0ee149af495328f43a36ddf01ed5f24
├── [3.3K]  CVE-2020-7384.sh
├── [134K]  index.png
└── [ 434]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →