# CVE-2022-39197-RCE

## First
  This project was modified from [@its-arun]( project

  When I tested the script, I found that the frida script could not query the data in the normal order. The method of modifying the frida script to modify the process name.

Thanks to Master [@Kai5174]( for his contribution to the utilization method.

### Usage

- **Prepare Payload**

1、Edit command executed with your payload in `EvilJar/src/main/java/`, now it can only play the calculator.

2、Build using jar `mvn clean compile assembly:single`

4、Move `EvilJar-1.0-jar-with-dependencies.jar` from `EvilJar/target/` to `serve/` folder

5、Edit `serve\evil.svg` replace `[attacker]` 

6、Serve using `python3 -m http.server 8080`

7、Generate beacon.exe with C2 version less than or equal to 4.7

8、You need to execute the py script on a Windows to go online, and perform countermeasures when the client accesses the process list and sees the beacon.exe process.

- **Execute Exploit**

python3 -m pip install -r requirements.txt
python3 beacon.exe

Payload will be triggered as soon as the user scrolls through Process List

### POC



### Reference

[]( — There’s a great in depth analysis of this vulnerability