Exploit for CVE-2025-30065

## https://sploitus.com/exploit?id=9A66D01E-08DC-50A8-8C01-10BE03A1A189
# TRAI-001 CVE-2025-30065: Apache Parquet Remote Code Execution (RCE) Exploit Simulator

<p align="center">
  <img src="https://github.com/ThreatRadarAI/TRA-001-Critical-RCE-Vulnerability-in-Apache-Parquet-CVE-2025-30065-Simulation-/blob/main/src/TRAI-coverlogo.gif" alt="Project Logo" width="800"/>
</p>


![Demo Screenshot](/screenshots/simulator-demo.png)  
*Simulator interface demonstrating the exploit chain*

## 📌 Overview
This repository contains an **educational simulation** of CVE-2025-30065, a critical Remote Code Execution vulnerability in Apache Parquet files. The tool demonstrates how attackers exploit this flaw to gain full system control, while providing mitigation guidance.

**Key Features:**
- Interactive step-by-step exploit simulation
- Realistic terminal output with logging
- Vulnerability details & mitigation strategies
- Safe, non-malicious environment (no actual exploits)

## 🚨 Vulnerability Details

| Category       | Description |
|---------------|-------------|
| **CVE ID**    | CVE-2025-30065 |
| **Affected**  | Apache Parquet <= 2.9.0 |
| **CVSS Score** | 10.0 (Critical) |
| **Attack Vector** | Malicious Parquet file upload |
| **Impact**    | Remote Code Execution → Full System Compromise |

### Technical Root Cause
The vulnerability stems from:
1. Unsafe deserialization of column metadata
2. Lack of input validation in Parquet's Java/Scala readers
3. Arbitrary code execution via crafted thrift objects

## 🖥️ Simulation Components

### 1. Exploit Phases
```python
1. Reconnaissance       # Scan for vulnerable services
2. Exploitation        # Deliver malicious Parquet file
3. Privilege Escalation # Elevate to root/admin
4. Data Exfiltration    # Steal AWS creds, DB data, PII
```

### 2. Code Structure
```
├── app.py                # Flask backend (simulation API)
├── static/
│   ├── script.js         # Terminal & exploit logic
│   └── style.css         # Dark theme styling
├── templates/
│   └── index.html        # Interactive web interface
├── screenshots/          # Demo images
└── README.md
```

## 🛠️ Setup & Usage

### Prerequisites
- Python 3.8+
- Flask
- Bootstrap 5

### Installation
```bash
git clone https://github.com/yourusername/apache-parquet-rce-simulator.git
cd apache-parquet-rce-simulator
pip install flask
```

### Running the Simulator
```bash
python app.py
```
Visit `http://localhost:5000` to launch the interactive simulator.

## 🎮 Demo Walkthrough
1. **Set Target**  
   Configure IP (`192.168.1.100`) and port (`8080`)

2. **Execute Phases**  
   Click through each attack stage:
   - Initialize → Recon → Exploit → PrivEsc → Exfiltrate

3. **Review Results**  
   - Terminal shows realistic exploit output
   - Modal displays stolen data (AWS keys, DB creds, PII)

## 🛡️ Mitigation Strategies
```yaml
1. Patching:
   - Upgrade to Apache Parquet >= 1.15.1.

2. Defensive Measures:
   - Disable unnecessary Parquet endpoints
   - Implement file content validation
   - Use network segmentation

3. Detection:
   - Monitor for abnormal Parquet file processing
   - Alert on thrift deserialization errors
```

## ⚠️ Disclaimer
**This is a simulation tool only.** It demonstrates attack methodology for educational purposes. Never use against real systems without permission.

## 📜 License
NA

---