Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-39929 PoC — Exim 安全漏洞

Source
https://github.com/michael-david-fry/CVE-2024-39929
Associated Vulnerability
Title:Exim 安全漏洞 (CVE-2024-39929)
Description:Exim是一个运行于Unix系统中的开源消息传送代理(MTA),它主要负责邮件的路由、转发和投递。 Exim 4.97.1及之前版本存在安全漏洞,该漏洞源于错误解析了多行RFC 2231头文件名,因此远程攻击者可以绕过扩展阻止保护机制,并可能将可执行附件传送到最终用户的邮箱。
Description
POC to test CVE-2024-39929 against EXIM mail servers
Readme
# Exim CVE-2024-39929 Exploit PoC

This repository contains a Proof-of-Concept (PoC) script to exploit the Exim vulnerability CVE-2024-39929. The vulnerability affects Exim versions up to and including 4.97.1, allowing attackers to bypass file extension blocking mechanisms and potentially deliver executable attachments to users' mailboxes.

## Description

The PoC script in this repository reads a list of SMTP servers from an external file and sends an email with a crafted attachment designed to exploit CVE-2024-39929. The script dynamically sets the email subject to indicate the server through which the email was passed.

## Usage

### Prerequisites

- Python 3.x
- `smtplib` and `email` modules (standard with Python)

### Installation

1. Clone the repository:
    ```sh
    git clone https://github.com/michael-david-fry/CVE-2024-39929.git
    cd CVE-2024-39929
    ```

2. Ensure you have a file named `servers.txt` in the repository directory. This file should contain a list of IP addresses or FQDNs, each on a new line.

### Running the Script

1. Execute the script, providing the path to `servers.txt` as a command-line argument:
    ```sh
    python send_exploit_email.py path/to/servers.txt
    ```

2. The script will prompt you for the sender and recipient email addresses:
    ```plaintext
    Enter the sender email address: sample@test.com
    Enter the recipient email address: sample@test.com
    ```

### Example

```sh
python send_exploit_email.py servers.txt
```

Example prompts:
```plaintext
Enter the sender email address: sample@test.com
Enter the recipient email address: sample@test.com
```

## Script Details

The script performs the following actions:
1. Reads the list of SMTP servers from the specified file.
2. Prompts the user for sender and recipient email addresses.
3. Connects to each SMTP server on port 25.
4. Sends an email with a crafted attachment designed to exploit CVE-2024-39929.
5. Sets the email subject to indicate the server used for sending the email.
6. Prints debug information and handles exceptions.

## Important Considerations

- **Ethical Use**: Ensure you have permission to test these servers for vulnerabilities. Unauthorized testing can be illegal and unethical.
- **Monitoring**: Monitor the responses and behaviors of the servers to determine if the exploit was successful.

## Disclaimer

This tool is intended for educational purposes and authorized testing only. The authors are not responsible for any misuse of this tool.

## Contact

For issues, questions, or contributions, please create an issue or submit a pull request on the [GitHub repository](https://github.com/michael-david-fry/CVE-2024-39929).
File Snapshot

 [4.0K]  /data/pocs/052b0d0184a85e0d32d8038831c4e438393fd66e
├── [2.9K]  CVE-2024-39929_POC.py
└── [2.6K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.