CVE-2023-21036 PoC — Google Pixel 安全漏洞

Source

Associated Vulnerability

Description

Discord bot for mitigating the aCropalypse vulnerability (CVE-2023-21036, CVE-2023-28303) by retroactively deleting vulnerable images

Readme

# March 31st, 2023 Update

As of today, Discord's CDN now strips trailing data from PNGs in-flight, meaning that even old uploads are now safe from
the aCropalypse vulnerability. As such, this bot is no longer necessary, but it will remain online to allow users to
download their archived images.

The original README for the bot can be found below.

# [AntiCropalypse](https://anticropalypse.qixils.dev)

Discord bot which searches for and deletes images vulnerable to the aCropalypse exploit
(CVE-2023-21036 & CVE-2023-28303).
You can learn more about the project and add the public bot to your server
[**here**](https://anticropalypse.qixils.dev).

## Self-hosting

This bot is written in Kotlin and requires Java 17 to compile and run.

### Releases

Running the bot is as simple as downloading the
[latest release](https://github.com/qixils/anticropalypse/releases/latest),
setting the required environment variables (see below),
and running the `bin/bot` script.

### Building from source

To create a distributable build like the published releases, run `./gradlew build`
and share/extract the resulting archive from `bot/build/distributions`.

Otherwise, you can run the bot directly by setting the required environment variables (see below)
and running `./gradlew :bot:run`.

### Environment variables

| Name            | Description                         |         Required         |
|-----------------|-------------------------------------|:------------------------:|
| `BOT_TOKEN`     | Token for the Discord bot to run as |            ✔️            |
| `S3_BUCKET`     | S3 bucket name to archive images to |      For S3 support      |
| `S3_REGION`     | Region for the S3 archival bucket   |      For S3 support      |
| `S3_ACCESS_KEY` | Your S3 access key                  |      For S3 support      |
| `S3_SECRET_KEY` | Your S3 private key                 |      For S3 support      |
| `S3_ENDPOINT`   | Endpoint for S3 archival bucket     | No, defaults to Amazon's |

File Snapshot

 [4.0K]  /data/pocs/6777617552236e174f13c96d62bb3b29ac0adb98
├── [4.0K]  bot
│   ├── [1.0K]  build.gradle.kts
│   └── [4.0K]  src
│       └── [4.0K]  main
│           ├── [4.0K]  kotlin
│           │   └── [4.0K]  dev
│           │       └── [4.0K]  qixils
│           │           └── [4.0K]  anticropalypse
│           │               ├── [ 48K]  Bot.kt
│           │               ├── [2.3K]  BotState.kt
│           │               ├── [ 14K]  Scanner.kt
│           │               └── [ 933]  Utils.kt
│           └── [4.0K]  resources
│               └── [ 374]  logback.xml
├── [ 549]  build.gradle.kts
├── [4.0K]  gradle
│   └── [4.0K]  wrapper
│       ├── [ 59K]  gradle-wrapper.jar
│       └── [ 201]  gradle-wrapper.properties
├── [ 325]  gradle.properties
├── [7.9K]  gradlew
├── [2.6K]  gradlew.bat
├── [1.0K]  LICENSE
├── [1.9K]  README.md
├── [  52]  settings.gradle.kts
└── [4.0K]  web
    ├── [ 12K]  apple-touch-icon.png
    ├── [4.0K]  assets
    │   └── [4.0K]  css
    │       └── [1.4K]  styles.css
    ├── [6.8K]  favicon-32.png
    ├── [ 18K]  favicon-512.png
    ├── [7.2K]  favicon.ico
    └── [8.9K]  index.html

13 directories, 21 files

Remarks