Novice tutorial-Samba penetration remote command injection vulnerability username map script (CVE-2007-2447)

Others 2021-01-24 02:12:20 views: null

Smaba remote shell command injection (username map script)

Article Directory

- Smaba remote shell command injection (username map script)
1. Vulnerability description
2. Vulnerability exploitation process
2. Vulnerability experiment steps

1. Vulnerability description

Vulnerability number CVE-2007-2447
Disclosure time 2007-05-14
"username map script" is a remote command injection execution vulnerability of the Samba protocol.
Vulnerability path exploit/multi/samba/usermap_script
affects version samba 3.0.20-3.0.25

2. Vulnerability exploitation process

Scan the target machine Samba service version to determine that its service version is in the affected version of this vulnerability
Using the msf framework, use exploit/multi/samba/usermap_script for vulnerability exploitation
Set its related parameters and finally implement the attack

2. Vulnerability experiment steps

Attack machine: kali linux 192.168.75.129
Target machine: Metasploitable2-linux 192.168.75.128

Scan the target machine Samba service version
Insert picture description here
msfconsole Open msf and

search for "username map script" vulnerability module

Use this module to

view module details

View configuration
Insert picture description here
Set target target machine

Set bind_netcat load

Related configuration has been set

Execute the module to infiltrate
Insert picture description here
successfully and gain the target root privilege.

Guess you like

Origin blog.csdn.net/weixin_46329243/article/details/112446020

Novice tutorial-Samba penetration remote command injection vulnerability username map script (CVE-2007-2447)

Samba remote Shell command injection execution vulnerability (CVE-2007-2447)

Command injection vulnerability

Command injection vulnerability (1)

Command injection vulnerability (2)

Command injection vulnerability in DVWA

Vulnerability recurrence-Zhejiang Uniview isc LogReport.php remote command execution vulnerability (with vulnerability detection script)

Apache Spark UI Command Injection Vulnerability (CVE-2022-33891)

CVE Vulnerability Reappearance-CVE-2016-10033-Remote Command Execution

[High Risk] Command Injection Vulnerability in Apache NiFi Remote Resource Retrieval Function

The basis of penetration of the road - XXE Injection Vulnerability

CVE-2019-15107 Webmin Remote Command Execution Vulnerability

[Vulnerability recurrence] Apache RocketMQ Command Injection Vulnerability (CVE-2023-33246)

Terramaster TOS Command Injection Vulnerability (CVE-2022-24990). Centos7 Vulnerability Scanning

[DVWA (h)] command Command Injection Vulnerability

Apache Solr remote command execution vulnerability CVE-2019-0193 vulnerability recurrence

[Vulnerability recurrence] Metabase remote command execution vulnerability (CVE-2023-38646)

Penetration Testing [white] series of PHP-FRM Remote Code Execution Vulnerability (CVE-2019-11043) reproduce

Command Execution Vulnerability - Remote Command Execution

[Vulnerability Recurrence] Smanga Unauthorized Remote Code Execution Vulnerability (CVE-2023-36076) Additional SQL Injection + Arbitrary File Reading

PHP code audit: Command Injection Vulnerability

Security Test Series 1 Command Injection Vulnerability

CVE-2019-5475: Nexus Repository Manager 2 - OS command injection vulnerability alerts

CVE-2020-10882: TP-Link command injection vulnerability alert

[DVWA] Command Injection (injection command) clearance tutorial

Remote system command execution for penetration testing

Apache SSI Remote Command Execution Vulnerability

Fastjson 1.2.47 remote command execution vulnerability

Remote code/command execution vulnerability learning (1)

CVE-2020-7247: OpenSMTPD library Remote Command Execution Vulnerability Alert

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)