关联漏洞
标题:
Samba 安全漏洞
(CVE-2017-7494)
描述:Samba是Samba团队开发的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba中存在远程代码执行漏洞。远程攻击者可利用该漏洞使服务器加载和执行上传的共享库。以下版本受到影响:Samba 4.6.4之前的版本,4.5.10之前的版本,4.4.14之前的版本。
介绍
# CVE-2017-7494
# hello i,am Gihad from Libya > 17 C
# information On Exploit
# ==========================================================================================
This module triggers an arbitrary shared library load vulnerability
in Samba versions 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. This module
requires valid credentials, a writeable folder in an accessible
share, and knowledge of the server-side path of the writeable
folder. In some cases, anonymous access combined with common
filesystem locations can be used to automatically exploit this
vulnerability.
# ==========================================================================================
# Download Script is_known_pipename
#
# > target >
# Ubuntu Ubuntu Linux 17.04
# SuSE Linux Enterprise Software Development Kit 12 SP2
# SuSE Linux Enterprise Software Development Kit 12 SP1
# SuSE Linux Enterprise Software Development Kit 11 SP4
# SuSE Linux Enterprise Server for Raspberry Pi 12-SP2
# SuSE Linux Enterprise Server 12-SP2
# SuSE Linux Enterprise Server 12-SP1
# SuSE Linux Enterprise Server 11 SP4
# SuSE Linux Enterprise Server 11 SP3 LTSS
SuSE Linux Enterprise Point of Sale 11-SP3
# SuSE Linux Enterprise High Availability 12-SP2
# SuSE Linux Enterprise High Availability 12-SP1
SuSE Linux Enterprise Desktop 12-SP2
# SuSE Linux Enterprise Desktop 12-SP1
# SuSE Linux Enterprise Debuginfo 11 SP4
# SuSE Linux Enterprise Debuginfo 11 SP3
# Samba Samba 4.6.1
# Samba Samba 4.6
# Samba Samba 4.5.7
# Samba Samba 4.5.6
# Samba Samba 4.5.5
# Samba Samba 4.5.4
# Samba Samba 4.5.1
# Samba Samba 4.5
# Samba Samba 4.4.12
# Samba Samba 4.4.11
# Samba Samba 4.4.10
# Samba Samba 4.4.9
# Samba Samba 4.4.7
# Samba Samba 4.4.6
# Samba Samba 4.4.1
# Samba Samba 4.4
# Samba Samba 4.3.7
# Samba Samba 4.3.5
# Samba Samba 4.3.4
# Samba Samba 4.3.3
# Samba Samba 4.3.2
# Samba Samba 4.3.1
# Samba Samba 4.3
# Samba Samba 4.2.10
# Samba Samba 4.2.8
# Samba Samba 4.2.7
# Samba Samba 4.2.6
# Samba Samba 4.2.5
# Samba Samba 4.2.4
# Samba Samba 4.2.3
# Samba Samba 4.2.2
# Samba Samba 4.2.1
# Samba Samba 4.2
# Samba Samba 4.1.22
# Samba Samba 4.1.21
# Samba Samba 4.1.20
# Samba Samba 4.1.19
# Samba Samba 4.1.18
# Samba Samba 4.1.17
# Samba Samba 4.1.16
# Samba Samba 4.1.15
# Samba Samba 4.1.14
# Samba Samba 4.1.13
# Samba Samba 4.1.10
# Samba Samba 4.1.9
# Samba Samba 4.1.7
# Samba Samba 4.1.3
# Samba Samba 4.1.2
# Samba Samba 4.1.1
# Samba Samba 4.1
# Samba Samba 4.0.24
# Samba Samba 4.0.23
# Samba Samba 4.0.21
# Samba Samba 4.0.20
# Samba Samba 4.0.19
# Samba Samba 4.0.18
# Samba Samba 4.0.17
# Samba Samba 4.0.13
# Samba Samba 4.0.12
# Samba Samba 4.0.10
# Samba Samba 4.0.2
# Samba Samba 3.5.22
# Samba Samba 3.5.21
# Samba Samba 3.5.16
# Samba Samba 3.5.13
Samba Samba 3.5.9
Samba Samba 3.5.8
Samba Samba 3.5.2
Samba Samba 3.5.1
Samba Samba 3.5
Samba Samba 4.5.3
Samba Samba 4.5.2
Samba Samba 4.4.8
Samba Samba 4.4.5
Samba Samba 4.4.4
Samba Samba 4.4.3
Samba Samba 4.4.2
Samba Samba 4.3.9
Samba Samba 4.3.8
Samba Samba 4.3.6
Samba Samba 4.3.13
Samba Samba 4.3.11
Samba Samba 4.3.10
Samba Samba 4.2.9
# Trustix Secure Linux 2.0
# Trustix Secure Linux 1.5
# Samba Samba 4.2.14
# Samba Samba 4.2.13
# Samba Samba 4.2.12
# Samba Samba 4.2.11
# Samba Samba 4.1.8
# Samba Samba 4.1.6
# Samba Samba 4.1.5
# Samba Samba 4.1.23
# Trustix Secure Linux 2.0
# Trustix Secure Linux 1.5
# Samba Samba 4.1.11
# Samba Samba 4.0.9
# Samba Samba 4.0.8
# Samba Samba 4.0.7
# Samba Samba 4.0.6
# Samba Samba 4.0.5
# Samba Samba 4.0.4
# Samba Samba 4.0.3
# Samba Samba 4.0.22
# Samba Samba 4.0.16
# Samba Samba 4.0.15
# Samba Samba 4.0.14
# Samba Samba 4.0.11
# Samba Samba 4.0.1
# Samba Samba 4.0.0
# Samba Samba 3.5.7
# Samba Samba 3.5.6
# Samba Samba 3.5.5
# Samba Samba 3.5.4
# Samba Samba 3.5.3
# Samba Samba 3.5.20
# Samba Samba 3.5.19
# Samba Samba 3.5.18
# Samba Samba 3.5.15
# Samba Samba 3.5.14
# Samba Samba 3.5.10
# Redhat Gluster 3.2 on RHEL-7
# Redhat Gluster 3.2 on RHEL-6
# Redhat Enterprise Linux Workstation Optional 7
# Redhat Enterprise Linux Workstation 7
# Redhat Enterprise Linux Workstation 6
# Redhat Enterprise Linux Server Optional 7
# Redhat Enterprise Linux Server 7
# Redhat Enterprise Linux Server 5
# Redhat Enterprise Linux Resilient Storage 7
# Redhat Enterprise Linux HPC Node 6
# Redhat Enterprise Linux Desktop Optional 6
# Redhat Enterprise Linux Desktop 6
# Redhat Enterprise Linux ComputeNode Optional 7
# Redhat Enterprise Linux ComputeNode 7
# Oracle Enterprise Linux 6.2
# Oracle Enterprise Linux 6
# Debian Linux 6.0 sparc
# Debian Linux 6.0 s/390
# Debian Linux 6.0 powerpc
# Debian Linux 6.0 mips
# Debian Linux 6.0 ia-64
# Debian Linux 6.0 ia-32
# Debian Linux 6.0 ia-30
# Debian Linux 6.0 arm
# Debian Linux 6.0 amd64
文件快照
[4.0K] /data/pocs/1ce39aad97f240da5e42700d07f25d9999fd1769
├── [8.7K] is_known_pipename.rb
└── [4.6K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。