POC详情: f0dfc0352960c9a0e8f07e3b16537a6c263ddb48

来源
关联漏洞
标题: Zimbra Collaboration Server 安全漏洞 (CVE-2024-45519)
描述:Zimbra Collaboration Server(ZCS)是Zimbra公司的一套电子邮件和协作解决方案。该方案提供电子邮件、联系人、日历、文件共享、社交网络等功能。 Zimbra Collaboration Server存在安全漏洞,该漏洞源于日志服务有时允许未经身份验证的用户执行命令。以下版本受到影响:8.8.15补丁46之前版本、9.0.0补丁41之前版本、10.0.9之前版本和10.1.1之前版本。
介绍
# CVE-2024-45519

SMTP Vulnerability Exploit Script
Overview

This script checks for vulnerabilities in an SMTP server and, if found, exploits the vulnerability by establishing a reverse shell connection to your machine.
Features

    Port Checking: Verifies if the target SMTP port is open.
    Vulnerability Check: Sends a payload to test for vulnerability in the SMTP server.
    Exploit & Reverse Shell: If the server is vulnerable, the script executes a reverse shell, allowing you to gain access to the remote machine.

Usage

    Listen on your machine: Before running the script, open a terminal and listen for incoming connections:

    bash

    nc -lvnp 4444

    (Replace 4444 with your chosen port, matching the one in the script.)

    Run the script: If the server is vulnerable, it will connect back to your machine, and you will gain control via the terminal.

Important Notes

    Legal Use Only: This script should only be used on systems where you have explicit permission to test for vulnerabilities.
    Correct IP Configuration: Ensure the script uses your correct IP address, particularly your public IP if working outside a local network.
文件快照

[4.0K] /data/pocs/f0dfc0352960c9a0e8f07e3b16537a6c263ddb48 ├── [2.8K] CVE-2024-45519-Poc.py └── [1.1K] README.md 0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。