![]() ![]() The vulnerability severity base score is 7.8. Many python scripts and a Metasploit module are available to generate the malicious image file. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image. One issue in the Gitlab lab was exploited due to a vulnerability found in the ExifTool tool. Gitlab uses this tool as a dependency for their product. The ExifTool is used in many significant applications such as Gitlab. ![]() In 2021, a critical vulnerability was found in the ExifTool tool. Technical difficulty: Beginner Introduction ![]() Also, we will use Metasploit Framework to generate a malicious image that gives us a meterpreter session. Purpose: We are learning how to manually exploit the Gitlab server running the ExifTool vulnerable version to better understand the vulnerability. Subscribe or sign up for a 7-day, risk-free trial with INE and access this lab and a robust library covering the latest in Cyber Security, Networking, Cloud, and Data Science! In our lab walkthrough series, we go through selected lab exercises on our INE Platform. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |