Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-7494 PoC — Samba 安全漏洞

Source
https://github.com/homjxi0e/CVE-2017-7494
Associated Vulnerability
Title:Samba 安全漏洞 (CVE-2017-7494)
Description:Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Readme
# CVE-2017-7494
# hello i,am Gihad from Libya > 17 C
# information On Exploit
# ==========================================================================================
  This module triggers an arbitrary shared library load vulnerability 
  in Samba versions 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. This module 
  requires valid credentials, a writeable folder in an accessible 
  share, and knowledge of the server-side path of the writeable 
  folder. In some cases, anonymous access combined with common 
  filesystem locations can be used to automatically exploit this 
  vulnerability.
# ==========================================================================================
# Download Script is_known_pipename
# 
# > target >
# Ubuntu Ubuntu Linux 17.04
# SuSE Linux Enterprise Software Development Kit 12 SP2
# SuSE Linux Enterprise Software Development Kit 12 SP1
# SuSE Linux Enterprise Software Development Kit 11 SP4
# SuSE Linux Enterprise Server for Raspberry Pi 12-SP2
# SuSE Linux Enterprise Server 12-SP2
# SuSE Linux Enterprise Server 12-SP1
# SuSE Linux Enterprise Server 11 SP4
# SuSE Linux Enterprise Server 11 SP3 LTSS
SuSE Linux Enterprise Point of Sale 11-SP3
# SuSE Linux Enterprise High Availability 12-SP2
# SuSE Linux Enterprise High Availability 12-SP1
SuSE Linux Enterprise Desktop 12-SP2
# SuSE Linux Enterprise Desktop 12-SP1
# SuSE Linux Enterprise Debuginfo 11 SP4
# SuSE Linux Enterprise Debuginfo 11 SP3
# Samba Samba 4.6.1
# Samba Samba 4.6
# Samba Samba 4.5.7
# Samba Samba 4.5.6
# Samba Samba 4.5.5
# Samba Samba 4.5.4
# Samba Samba 4.5.1
# Samba Samba 4.5
# Samba Samba 4.4.12
# Samba Samba 4.4.11
# Samba Samba 4.4.10
# Samba Samba 4.4.9
# Samba Samba 4.4.7
# Samba Samba 4.4.6
# Samba Samba 4.4.1
# Samba Samba 4.4
# Samba Samba 4.3.7
# Samba Samba 4.3.5
# Samba Samba 4.3.4
# Samba Samba 4.3.3
# Samba Samba 4.3.2
# Samba Samba 4.3.1
# Samba Samba 4.3
# Samba Samba 4.2.10
# Samba Samba 4.2.8
# Samba Samba 4.2.7
# Samba Samba 4.2.6
# Samba Samba 4.2.5
# Samba Samba 4.2.4
# Samba Samba 4.2.3
# Samba Samba 4.2.2
# Samba Samba 4.2.1
# Samba Samba 4.2
# Samba Samba 4.1.22
# Samba Samba 4.1.21
# Samba Samba 4.1.20
# Samba Samba 4.1.19
# Samba Samba 4.1.18
# Samba Samba 4.1.17
# Samba Samba 4.1.16
# Samba Samba 4.1.15
# Samba Samba 4.1.14
# Samba Samba 4.1.13
# Samba Samba 4.1.10
# Samba Samba 4.1.9
# Samba Samba 4.1.7
# Samba Samba 4.1.3
# Samba Samba 4.1.2
# Samba Samba 4.1.1
# Samba Samba 4.1
# Samba Samba 4.0.24
# Samba Samba 4.0.23
# Samba Samba 4.0.21
# Samba Samba 4.0.20
# Samba Samba 4.0.19
# Samba Samba 4.0.18
# Samba Samba 4.0.17
# Samba Samba 4.0.13
# Samba Samba 4.0.12
# Samba Samba 4.0.10
# Samba Samba 4.0.2
# Samba Samba 3.5.22
# Samba Samba 3.5.21
# Samba Samba 3.5.16
# Samba Samba 3.5.13
Samba Samba 3.5.9
Samba Samba 3.5.8
Samba Samba 3.5.2
Samba Samba 3.5.1
Samba Samba 3.5
Samba Samba 4.5.3
Samba Samba 4.5.2
Samba Samba 4.4.8
Samba Samba 4.4.5
Samba Samba 4.4.4
Samba Samba 4.4.3
Samba Samba 4.4.2
Samba Samba 4.3.9
Samba Samba 4.3.8
Samba Samba 4.3.6
Samba Samba 4.3.13
Samba Samba 4.3.11
Samba Samba 4.3.10
Samba Samba 4.2.9
#  Trustix Secure Linux 2.0
#  Trustix Secure Linux 1.5
# Samba Samba 4.2.14
# Samba Samba 4.2.13
# Samba Samba 4.2.12
# Samba Samba 4.2.11
# Samba Samba 4.1.8
# Samba Samba 4.1.6
# Samba Samba 4.1.5
# Samba Samba 4.1.23
#  Trustix Secure Linux 2.0
#  Trustix Secure Linux 1.5
# Samba Samba 4.1.11
# Samba Samba 4.0.9
# Samba Samba 4.0.8
# Samba Samba 4.0.7
# Samba Samba 4.0.6
#  Samba Samba 4.0.5
# Samba Samba 4.0.4
# Samba Samba 4.0.3
# Samba Samba 4.0.22
# Samba Samba 4.0.16
# Samba Samba 4.0.15
# Samba Samba 4.0.14
# Samba Samba 4.0.11
# Samba Samba 4.0.1
# Samba Samba 4.0.0
# Samba Samba 3.5.7
# Samba Samba 3.5.6
# Samba Samba 3.5.5
# Samba Samba 3.5.4
# Samba Samba 3.5.3
# Samba Samba 3.5.20
# Samba Samba 3.5.19
# Samba Samba 3.5.18
# Samba Samba 3.5.15
# Samba Samba 3.5.14
# Samba Samba 3.5.10
# Redhat Gluster 3.2 on RHEL-7
# Redhat Gluster 3.2 on RHEL-6
# Redhat Enterprise Linux Workstation Optional 7
# Redhat Enterprise Linux Workstation 7
# Redhat Enterprise Linux Workstation 6
# Redhat Enterprise Linux Server Optional 7
# Redhat Enterprise Linux Server 7
# Redhat Enterprise Linux Server 5
# Redhat Enterprise Linux Resilient Storage 7
# Redhat Enterprise Linux HPC Node 6
# Redhat Enterprise Linux Desktop Optional 6
# Redhat Enterprise Linux Desktop 6
# Redhat Enterprise Linux ComputeNode Optional 7
# Redhat Enterprise Linux ComputeNode 7
# Oracle Enterprise Linux 6.2
# Oracle Enterprise Linux 6
# Debian Linux 6.0 sparc
# Debian Linux 6.0 s/390
# Debian Linux 6.0 powerpc
# Debian Linux 6.0 mips
# Debian Linux 6.0 ia-64
# Debian Linux 6.0 ia-32
# Debian Linux 6.0 ia-30
# Debian Linux 6.0 arm
# Debian Linux 6.0 amd64
File Snapshot

 [4.0K]  /data/pocs/1ce39aad97f240da5e42700d07f25d9999fd1769
├── [8.7K]  is_known_pipename.rb
└── [4.6K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →