CVE-2020-7247 PoC — Openbsd Opensmtpd代码问题漏洞

Source

https://github.com/f4T1H21/CVE-2020-7247

Associated Vulnerability

Title:Openbsd Opensmtpd代码问题漏洞 (CVE-2020-7247)
Description:Openbsd Opensmtpd是Openbsd组织的一个基于RFC 5321的SMTP服务端软件。 Openbsd Opensmtpd 存在代码问题漏洞。远程攻击者可通过特制的SMTP session利用该漏洞以root权限执行任意命令。

Description

PoC exploit for CVE-2020-7247 OpenSMTPD 6.4.0 < 6.6.1 Remote Code Execution

Readme

# CVE 2020-7247

PoC exploit for OpenSMTPD 6.4.0 < 6.6.1 - Remote Code Execution, written by [f4T1H](https://github.com/f4T1H21), inspired by [QTranspose](https://github.com/QTranspose).<br>
Reference: <https://www.qualys.com/2020/01/28/cve-2020-7247/lpe-rce-opensmtpd.txt>

##### Dependencies:
```bash
pip3 install pwntools
```
## Usage:
```bash
python3 exploit.py <RHOST> <RPORT> <recipient_mail> <LHOST> <LPORT>
```
![](src/poc.gif)

File Snapshot


 [4.0K]  /data/pocs/8ffb5aa35e1fa34910559ef4d8242cae614d9ea4
├── [1.9K]  exploit.py
├── [ 34K]  LICENSE
├── [ 436]  README.md
└── [4.0K]  src
    └── [ 74K]  poc.gif

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!