Related vulnerability
Title:
Samba server call_trans2open remote buffer overflow vulnerability
(CVE-2003-0201)
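Description: Samba is a suite of programs that implements the SMB (Server Message Block) protocol and provides cross-platform file and print sharing services. Samba-TNG is a derivative of Samba. Because Samba does not perform proper bounds checking on external input, a remote attacker can exploit this vulnerability to execute arbitrary commands on the system with root privileges. The problem is the call in the call_trans2open() function in smbd/trans2.c: StrnCpy(fname,pname,namelen); /* Line 252 of smbd/trans2.c */ StrnCp
Description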
Exploitation report of the Samba Trans2Open vulnerability (CVE-2003-0201), including tools used, exploitation steps, and protection techniques to secure systems.
Introduction
# Samba Trans2Open Exploit Report
This repository contains a full technical walkthrough of exploiting the **Samba Trans2Open** vulnerability (CVE-2003-0201) in a virtual Linux environment.
The exploitation was done for educational and ethical hacking training purposes.
---
## Report Contents
- Network and service discovery using tools like `netdiscover`, `nmap`, `whatweb`
- Vulnerability identification and CVE mapping
- Exploitation using Metasploit and a reverse shell payload
- Root access gained on the target system
- Protection techniques to mitigate the vulnerability
---
## Key Tools Used
- `netdiscover`
- `whatweb`
- `nmap`
- `searchsploit`
- `Metasploit`
---
## Full PDF Report
The full technical report, including all steps:
[Download the full report.](https://github.com/Bakr-Ht/samba-trans2open-exploit-report/raw/main/full-report.pdf)
---
## Author
***Aboubakr Houta***
[GitHub Profile.](https://github.com/Bakr-Ht)
---
> "Train hard. Hack smart. No shortcuts."
File snapshot
[4.0K] /data/pocs/a3f0d98c971ade36916e7e505ed3072c2911802f
├── [3.7K] Exploitation Report: Samba Trans2Open Vulnerability.md
├── [312K] full-report.pdf
├── [4.0K] images
│ ├── [300K] metasploit.png
│ ├── [272K] netdiscover.png
│ ├── [163K] Samba.png
│ ├── [131K] searchsploit.png
│ └── [ 72K] whatweb.png
└── [1000] README.md
1 directory, 8 files