Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-7247 PoC — Openbsd Opensmtpd代码问题漏洞

Source
https://github.com/f4T1H21/CVE-2020-7247
Associated Vulnerability
Title:Openbsd Opensmtpd代码问题漏洞 (CVE-2020-7247)
Description:smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
Description
PoC exploit for CVE-2020-7247 OpenSMTPD 6.4.0 < 6.6.1 Remote Code Execution
Readme
# CVE 2020-7247

PoC exploit for OpenSMTPD 6.4.0 < 6.6.1 - Remote Code Execution, written by [f4T1H](https://github.com/f4T1H21), inspired by [QTranspose](https://github.com/QTranspose).<br>
Reference: <https://www.qualys.com/2020/01/28/cve-2020-7247/lpe-rce-opensmtpd.txt>

##### Dependencies:
```bash
pip3 install pwntools
```
## Usage:
```bash
python3 exploit.py <RHOST> <RPORT> <recipient_mail> <LHOST> <LPORT>
```
![](src/poc.gif)
File Snapshot

 [4.0K]  /data/pocs/8ffb5aa35e1fa34910559ef4d8242cae614d9ea4
├── [1.9K]  exploit.py
├── [ 34K]  LICENSE
├── [ 436]  README.md
└── [4.0K]  src
    └── [ 74K]  poc.gif

1 directory, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →