关联漏洞
标题:
Zimbra Collaboration Server 安全漏洞
(CVE-2024-45519)
描述:Zimbra Collaboration Server(ZCS)是Zimbra公司的一套电子邮件和协作解决方案。该方案提供电子邮件、联系人、日历、文件共享、社交网络等功能。 Zimbra Collaboration Server存在安全漏洞,该漏洞源于日志服务有时允许未经身份验证的用户执行命令。以下版本受到影响:8.8.15补丁46之前版本、9.0.0补丁41之前版本、10.0.9之前版本和10.1.1之前版本。
介绍
# CVE-2024-45519
SMTP Vulnerability Exploit Script
Overview
This script checks for vulnerabilities in an SMTP server and, if found, exploits the vulnerability by establishing a reverse shell connection to your machine.
Features
Port Checking: Verifies if the target SMTP port is open.
Vulnerability Check: Sends a payload to test for vulnerability in the SMTP server.
Exploit & Reverse Shell: If the server is vulnerable, the script executes a reverse shell, allowing you to gain access to the remote machine.
Usage
Listen on your machine: Before running the script, open a terminal and listen for incoming connections:
bash
nc -lvnp 4444
(Replace 4444 with your chosen port, matching the one in the script.)
Run the script: If the server is vulnerable, it will connect back to your machine, and you will gain control via the terminal.
Important Notes
Legal Use Only: This script should only be used on systems where you have explicit permission to test for vulnerabilities.
Correct IP Configuration: Ensure the script uses your correct IP address, particularly your public IP if working outside a local network.
文件快照
[4.0K] /data/pocs/f0dfc0352960c9a0e8f07e3b16537a6c263ddb48
├── [2.8K] CVE-2024-45519-Poc.py
└── [1.1K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。