Sleuthkit 4.11.1 Command Injection

# Exploit Title: sleuthkit 4.11.1 - Command Injection  # Date: 2023-01-20# CVE-2022-45639# Vendor Homepage: https://github.com/sleuthkit# Vulnerability Type: Command injection# Attack Type: Local# Version: 4.11.1# Exploit Author: Dino Barlattani, Giuseppe Granato# Link poc: https://www.binaryworld.it/guidepoc.asp#CVE-2022-45639# POC:fls tool is affected by command injection in parameter "-m" when run onlinux system.OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allowsattackers to execute arbitrary commandsvia a crafted value to the m parameterwhen it run on linux, a user can insert in the -m parameter a buffer withbacktick with a shell command.If it run with a web application as front end it can execute commands onthe remote server.The function affected by the vulnerability is "tsk_fs_fls()" from the"fls_lib.c" file#ifdef TSK_WIN32   {   ....   }#else   data.macpre = tpre; <---------------   return tsk_fs_dir_walk(fs, inode, flags, print_dent_act, &data);#endifRun command:$ fls -m `id` [Options]-- *Dino Barlattani*www.linkedin.com/in/dino-barlattani-10bba11a9/www.binaryworld.it <http://Binaryworld.it>www.youtube.com/user/dinbar78