Giters

wflk / CVE-2017-7494

Remote root exploit for the SAMBA CVE-2017-7494 vulnerability

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2017-7494

Remote root exploit for the SAMBA CVE-2017-7494 vulnerability.

Details

This exploit is divided in 2 parts:

  • First, it compiles a payload called "implant.c" and generates a library (libimplantx32.so or libimplantx64.so) that changes to the root user, detaches from the parent process and spawns a reverse shell.
  • Second, it finds a writeable share in the specified target host, uploads the library with a random name and tries to load it.

As long as the target is vulnerable and the payload is the correct for the target operating system and architecture, the exploit is 100% reliable.

TODO

I might update it at some point adding support for non Intel based architectures.

-- Joxean Koret

About

Remote root exploit for the SAMBA CVE-2017-7494 vulnerability

License:GNU General Public License v3.0

Languages

Language:Python 99.9%Language:C 0.1%Language:Shell 0.0%Language:Makefile 0.0%Language:Batchfile 0.0%