Product Owner: PNotes – Andrey Gruber © 2007 – 2020
Type: Installable/Customer-Controlled Application
Application Name: PNotesNET version 220.127.116.11
Managing your day-to-day life is not an easy job to do. There are so many things for concern – housekeeping, shopping, children… And what about cousin’s birthday that you always forget or important phone numbers? Undoubtedly your working place is covered with dusty yellow (or blue, or pink) sticky notes. If so – PNotes is right for you. Throw the physical stickies away and replace them with virtual ones on your desktop.
PNotes (Pinned Notes or Portable Notes, use what you prefer) exists in two different editions:
- PNotes – the older one, written entirely in plain C and Windows API (with Pelles C for Windows IDE)
- PNotes.NET – the newer one, written in C#, requires .NET Framework 4.5
Product Url: https://pnotes-1932d.firebaseapp.com/home
Application Release Date: 04 May 2019
Vulnerability Name: Pnotes Insecure File Upload Vulnerability using (Miscellaneous – External Programs) and arbitrary code execution
Vulnerability Explanation: Pnotes is manily used for taking notes, especially a third party open source application. We can upload malicious .exe file via Miscellaneous – External programs and perform code execution via command line access.
Tested Os: Windows 10 Pro
Creating a malicious payload using msfvenom
Transfer Malocious implant .exe file – Pnshell.exe to victim system :
Pnshell Upload in Miscellaneous – External programs
Code Execution using Pnshell.exe :
Command Line Access:
[18.04.2020] Vulnerability discovered.
[18.04.2020] Vendor contacted.
[19.04.2020] CVE applied
[14.08.2020] CVE Assigned – CVE-2020-22721
Twitter – https://twitter.com/syh4ck