Last active
July 10, 2024 07:12
-
-
Save anomixer/ec9705e205d2e154db9987123857c0f1 to your computer and use it in GitHub Desktop.
Test RCE Bug (CVE-2024-29510)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Details: https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/ | |
| if [ ! -f CVE-2024-29510_testkit.ps ]; then | |
| cat > CVE-2024-29510_testkit.ps << EOF | |
| %!PS | |
| % Run like this: | |
| % ghostscript -q -dBATCH -dNODISPLAY CVE-2024-29510_testkit.ps | |
| % Make a new tempfile but only save its path. This gives us a file path to read/write | |
| % which will exist as long as this script runs. We don't actually use the file object | |
| % (hence \`pop\`) because we're passing the path to uniprint and reopening it ourselves. | |
| /PathTempFile () (w+) .tempfile pop def | |
| { | |
| % Select uniprint device with custom format strings | |
| << | |
| /OutputFile PathTempFile | |
| /OutputDevice /uniprint | |
| /upColorModel /DeviceCMYKgenerate | |
| /upRendering /FSCMYK32 | |
| /upOutputFormat /Pcl | |
| /upYMoveCommand (customized format string) | |
| >> | |
| setpagedevice | |
| } stopped { | |
| % An error occurred, it is the mitigation stopping us | |
| (Your version of Ghostscript is NOT vulnerable to CVE-2024-29510 :\)\n) print | |
| } { | |
| % No error was thrown, the vulnerability is not patched | |
| (Your version of Ghostscript IS vulnerable to CVE-2024-29510 :\(\n) print | |
| } ifelse | |
| quit | |
| EOF | |
| fi | |
| ghostscript -q -dBATCH -dNODISPLAY CVE-2024-29510_testkit.ps |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment