GithubHelp home page GithubHelp logo

exfil0 / test_iconv Goto Github PK

View Code? Open in Web Editor NEW
0.0 1.0 0.0 8 KB

This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.

Home Page: https://karimjaber.net

C 100.00%
buffer cve glibc iconv overflow pentest test vulnerability cve-202402961

test_iconv's Introduction

Testing CVE-2024-2961 (V1 - Under Analysis)

This repository contains a C program to test for CVE-2024-2961, which involves a buffer overflow vulnerability in the iconv() function of the GNU C Library (glibc). Due to the structure of PHP’s heap, this overflow can be exploited to modify part of a free list pointer, ultimately providing an arbitrary write primitive within the program’s memory. Consequently, any attacker with a file read vulnerability and a controlled prefix on a PHP application can achieve RCE. Similarly, forcing PHP to call iconv() with controlled parameters grants the attacker the same capability.

Prerequisites

  • A system with glibc version 2.39 or older.
  • GCC (GNU Compiler Collection) installed.
  • iconv library installed.

Steps to Test

1. Check glibc Version

Ensure that your system has glibc version 2.39 or older:

ldd --version

2. Clone the Repository

Clone this repository to your local machine:

git clone https://github.com/exfil0/test_iconv.git
cd test_iconv

3. Compile the Program

Use GCC to compile the C program:

gcc -o test_iconv test_iconv.c -liconv

4. Run the Program

Execute the compiled program:

./test_iconv

5. Analyze the Results

  • If the program crashes or behaves unexpectedly, it might be an indication of the buffer overflow.
  • Use debugging tools like gdb to analyze the crash and confirm if it is related to the vulnerability.

Optional: Debugging with GDB

If you encounter a crash, you can use gdb to get more details:

gdb ./test_iconv

Within GDB, run the program:

run

If the program crashes, you can inspect the state of the program:

bt

This will give you a backtrace of the crash, which can help in diagnosing if the overflow is due to the CVE.

Optional: Using Sanitizers

Compile the program with AddressSanitizer to catch the overflow:

gcc -fsanitize=address -o test_iconv test_iconv.c -liconv
./test_iconv

AddressSanitizer will provide detailed information if there is a buffer overflow.

Mitigation

If the vulnerability is confirmed, consider updating glibc to a version where this issue is patched. You can download and install the latest version from the GNU project's website or your distribution's package manager.

Research

For more details on this vulnerability, you can read the following research article: GLIBC Flaw CVE-2024-2961 Opens Door to RCE, PoC Exploit Published

Disclaimer

This code is for educational and testing purposes only. Do not use it on systems without proper authorization.

test_iconv's People

Contributors

exfil0 avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.