CVE-2019-14745 PoC — radare2 command injection vulnerability

Source
Associated Vulnerability
Title: radare2 command injection vulnerability (CVE-2019-14745)
Description: In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables.
Description
weaponized radare2 vulnerability found by @CaptnBanana and blenk92
Readme
# CVE-2019-14745
weaponized radare2 vulnerability (CVE-2019-14745 assigned) found by @CaptnBanana and blenk92

For details about the vulnerability, read https://bananamafia.dev/post/r2-pwndebian/

# Usage
First of all, you need the Python bindings of LIEF (https://lief.quarkslab.com/).
Then run the script as:

`python nukeradare2.py <binary_name> <one of the symbols of that binary> <shell command>`

This will create a binary with `nuked_` as a prefix. Run it with:

`radare2 -c "ood" <nuked_binary>`

or give "ood" as a command in radare2. Note that radare2 will run your command twice.
File Snapshot

[4.0K] /data/pocs/d5808fcaa551038bd27c27420bfbd16d061d8f75
├── [1.0K] LICENSE
├── [ 459] nukeradare2.py
└── [ 575] README.md

0 directories, 3 files