Login
Start Free Trial
Back

Unique Exploit - Persistence through CVE-2022-30507

Dec 31, 2022

as a trying to write exploitation for anything and find a use for it in real-world scenarios.

Exploiting such vulnerability for persistence can be a very good scenario, also it can be used with phishing and social engineering.

I wrote the next exploit:

https://github.com/mhzcyber/CVE-Analysis/blob/main/CVE-2022-30507/CVE-2022-30507Exploit.py

Which generates reverse shell payload for linux and windows, the payload going to be saved in .md (markdown) file and once it’s imported in Notable, automatically it will be executed.

Run the exploit:

python3 CVE-2022-30507Exploit.py

Linux Payload

python3 CVE-2022-30507Exploit.py linux auto

Windows Payload

python3 CVE-2022-30507Exploit.py win auto

Test exploiting notable using the generated payload by the tool

Linux:

Windows:

Finally thoughts

Exploiting such applications on the end user's machine it’s a really interesting topic, and it can take us to very deep research to discover new ways of exploiting and hacking end user's machines through such applications.

This is version one of the exploitation.

We are currently developing version two which will import the payload file in the application automatically, and that will give us even more advanced persistence.

#exploit #cve #vulnerability #persistence #redteam #CVE-2022-30507

Tags

  • #vulnerability

  • #cve

  • #exploit

  • #redteam

  • #vicarius_blog

  • #CVE-2022-30507

  • #persistence

users/photos/cl9eol3ua2l7i0llg9fft6uoq.jpg

Written by

Mohammad Hussam Alzeyyat

Recent Posts

  • 1

    CVE-2023–23752: Joomla Unauthorized Access Vulnerability

    Mohammad Hussam Alzeyyat March 24, 2023

  • 2

    Apache Zero Days - Apache Spark Command Injection Vulnerability (CVE-2022-33891)

    Mudassar Zafar March 22, 2023

  • 3

    CVE-2022-44666: Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability

    j00sean (https://twitter.com/j00sean) March 01, 2023

  • 4

    KeePass Passwords Theft CVE-2023-240550

    Youssef Muhammad March 01, 2023

  • 5

    CVE-2022–44267: Denial Of Service in ImageMagick

    Mohammad Hussam Alzeyyat February 28, 2023

Related Posts

By Mohammad Hussam Alzeyyat
Mar 24, 2023

CVE-2023–23752: Joomla Unauthorized Access Vulnerability

In this blog, we are going to analyze the information disclosure in Joomla that allows an attacker to exploit it to gain unauthorized access. we will dive deep inside the flow of Joomla, how it works, and how the vulnerability happened.
By Mudassar Zafar
Mar 22, 2023

Apache Zero Days - Apache Spark Command Injection Vulnerability (CVE-2022-33891)

The Apache Spark command injection vulnerability (CVE-2022-33891) was discovered by the Sangfor FarSight Labs team and reported to the Apache Spark project team on July 18, 2022. The vulnerability was classified as high severity, with a CVSS (Common Vulnerability Scaling System) Base Score of 8.8, indicating a high potential impact.
By j00sean (https://twitter.com/j00sean)
Mar 01, 2023

CVE-2022-44666: Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape vulnerability

My thoughts and more on this bug!
last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 14-day trial
Get a Demo
Start Free Trial!