tonejito · July 9, 2019 19:11
diff --git a/patch_zoom-us_vuln_CVE-2019-13450.sh b/patch_zoom-us_vuln_CVE-2019-13450.sh
 #!/bin/bash -vxe

 #	= ^ . ^ =
 # https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
 # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13449
 # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13450
 # https://gist.github.com/JLLeitschuh/e2550ddd8d6dfd94447b0b557891ba30.git
 # https://gist.github.com/tonejito/6a564deb45b50407f6bc8a8a140f027b.git
 # https://twitter.com/JLLeitschuh/status/1148310958391091200
 # https://twitter.com/jdpearce/status/1148507087862947840
 # https://twitter.com/Tonejito/status/1148636381826211844
 # https://twitter.com/kdubmartins/status/1148575492200652803

 PORT=19421
 ZOOM_PROCESS=ZoomOpener
 ZOOM_DIR=~/.zoomus
 RINGCENTRAL_PROCESS=RingCentralOpener
 RINGCENTRAL_DIR=~/.ringcentralopener

 # Turn off my video when joining a meeting
 defaults write ~/Library/Preferences/us.zoom.config.plist ZDisableVideo 1

 # Kill the bogus localhost web server process
 lsof -i :${PORT} | grep -v '^COMMAND' | awk '{print $2}' | xargs -t kill

 # kill the offending processes
 for PROCESS in ${ZOOM_PROCESS} ${RINGCENTRAL_PROCESS}
 do
  pkill ${PROCESS}
 done

 # Remove and patch the offending app directories
 for DIR in ${ZOOM_DIR} ${RINGCENTRAL_DIR}
 do
  test -d ${DIR} && \
  rm -vrf ${DIR} && \
  touch ${DIR} && \
  chmod 0000 ${DIR}
 done
	#!/bin/bash -vxe

	# = ^ . ^ =
	# https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
	# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13449
	# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13450
	# https://gist.github.com/JLLeitschuh/e2550ddd8d6dfd94447b0b557891ba30.git
	# https://gist.github.com/tonejito/6a564deb45b50407f6bc8a8a140f027b.git
	# https://twitter.com/JLLeitschuh/status/1148310958391091200
	# https://twitter.com/jdpearce/status/1148507087862947840
	# https://twitter.com/Tonejito/status/1148636381826211844
	# https://twitter.com/kdubmartins/status/1148575492200652803

	PORT=19421
	ZOOM_PROCESS=ZoomOpener
	ZOOM_DIR=~/.zoomus
	RINGCENTRAL_PROCESS=RingCentralOpener
	RINGCENTRAL_DIR=~/.ringcentralopener

	# Turn off my video when joining a meeting
	defaults write ~/Library/Preferences/us.zoom.config.plist ZDisableVideo 1

	# Kill the bogus localhost web server process
	lsof -i :${PORT} \| grep -v '^COMMAND' \| awk '{print $2}' \| xargs -t kill

	# kill the offending processes
	for PROCESS in ${ZOOM_PROCESS} ${RINGCENTRAL_PROCESS}
	do
	pkill ${PROCESS}
	done

	# Remove and patch the offending app directories
	for DIR in ${ZOOM_DIR} ${RINGCENTRAL_DIR}
	do
	test -d ${DIR} && \
	rm -vrf ${DIR} && \
	touch ${DIR} && \
	chmod 0000 ${DIR}
	done