Skip to content

Philip-Otter/CupSmasher

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

133 Commits
ippserver
ippserver
 
 
CVE_2024_47176.py
CVE_2024_47176.py
 
 
CupSmasher.py
CupSmasher.py
 
 
EvilPrinter.py
EvilPrinter.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CupSmasher is an exploit tool that takes advantage of an attack chain starting with the cups-browsed CVE-2024-47176 and then uses that in combination with CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 to lead to remote code execution.

CupSmasher is a fork of ipp-server and contains modified exploit code stemming from the awesome work done by evilsocket

image12341

CupSmasher IS INTENDED FOR EDUCATIONAL OR CTF PURPOSES ONLY. I TAKE NO RESPONSIBILITY FOR YOUR USE!

The CVEs:

https://nvd.nist.gov/vuln/detail/cve-2024-47176
https://nvd.nist.gov/vuln/detail/cve-2024-47076
https://nvd.nist.gov/vuln/detail/cve-2024-47177
https://nvd.nist.gov/vuln/detail/cve-2024-47175

Additional Reading:

https://letsdefend.io/blog/openprinting-cups-rce-analysis-and-poc-cve-2024-47176
https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Please note that this project is still a work in progress

About

CupSmasher is an exploit tool that takes advantage of an attack chain starting with the cups-browsed CVE-2024-47176 and then uses that in combination with CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 to lead to remote code execution.

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Python 100.0%