Target from: CVE Network
4: Flags (2:system, env, root
)
1: Service
1,400 pts
4: Flags found
1: Service discovered
1,400 pts
85 minutes
This is a target with direct implementation of the CVE-2019-14813 for ghostscript 9.26a and is here to assist in developing exploits for this vulnerability.
Description
A flaw was found in ghostscript, versions 9.x before 9.28, in the setsystemparams
procedure where it did not properly secure its privileged calls, enabling scripts to bypass -dSAFER
restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
Environment details
The system is accessible at 10.0.200.13
and runs gs -sDEVICE=ppmraw -dSAFER
on port 12345/tcp
.
Flags can be found at:
/root/ETSCTF
/etc/passwd
gecos/etc/shadow
password hashenv
variable
85 Headshots (newer first)
Ckabos, canary, Caritattriste, Xueba, c0nfirm, Praise, hackercon101, Anointed, sh4yo, TroyLynx, Avilix, doofyr, Pablo977, uApocryphon, cavca2012, michyamrane, SaintMArk, Blame11, darklordbnl
2 Writeups by:
Activity Stream
Latest activity on the platform