CVE-2021-4034
January 25, 2022 | An00bRektn
This is a golang implementation of CVE-2021-4034 based on (read as: blatantly stolen from) clubby789's implementation of the vulnerability discovered by Qualys.
I made a blog post going into further detail about the vulnerability, mainly for myself, but for anyone who wants a more drawn out explanation, which you can find here.
FAQ
How are you doing?
Good, thanks for asking
Did you discover this vulnerability?
No. This was from Qualys. Did you not read the first part?
Why clubby789?
Saw them create a new repository in my GitHub feed and decided I'd try to recreate it in another language (yes I have nothing better to do).
Why Golang? Shouldn't you just use C?
I just wanted to get some more Golang practice in. Also, currently not smart enough to figure out the exact details of the vuln without looking at a PoC. I get it now, but I needed to copy the code to understand the code.
Who asked?
idk