nomisec
WORKING POC
25 stars
by FiroSolutions · poc
https://github.com/FiroSolutions/cve-2020-7247-exploit
This repository contains a functional Python exploit for CVE-2020-7247, a remote command execution vulnerability in OpenSMTPD. The exploit leverages a flaw in the mail address parser to inject shell commands, allowing arbitrary file writes and command execution.
Classification
Working Poc 95%
Target:
OpenSMTPD (versions prior to 6.6.4p1)
No auth needed
Prerequisites:
Network access to the OpenSMTPD service (port 25)
nomisec
WORKING POC
11 stars
by QTranspose · remote
https://github.com/QTranspose/CVE-2020-7247-exploit
This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution via a crafted MAIL FROM command.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.4.0 - 6.6.1
No auth needed
Prerequisites:
Network access to the target SMTP port · Valid recipient email address
nomisec
WORKING POC
5 stars
by r0lh · poc
https://github.com/r0lh/CVE-2020-7247
This repository contains a functional Go-based exploit for CVE-2020-7247, which targets OpenSMTPD versions prior to 6.6.2. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution by sending a crafted MAIL FROM command followed by a reverse shell payload.
Classification
Working Poc 100%
Target:
OpenSMTPD < 6.6.2
No auth needed
Prerequisites:
Network access to the OpenSMTPD server on port 25 · A listener set up on the attacker's machine to receive the reverse shell
nomisec
WORKING POC
4 stars
by superzerosec · remote
https://github.com/superzerosec/cve-2020-7247
This repository contains a functional Python exploit for CVE-2020-7247, targeting OpenSMTPD versions before 6.6.2. The exploit leverages improper input sanitization to inject shell commands via SMTP, achieving remote code execution.
Classification
Working Poc 95%
Target:
OpenSMTPD < 6.6.2
No auth needed
Prerequisites:
Network access to OpenSMTPD port (typically 25) · Python 3 with pwntools library
nomisec
WORKING POC
2 stars
by SimonSchoeni · remote
https://github.com/SimonSchoeni/CVE-2020-7247-POC
This repository contains a functional exploit for CVE-2020-7247, a command injection vulnerability in OpenSMTPD. The exploit leverages improper validation of email addresses in the `MAIL FROM` field to execute arbitrary commands via shell metacharacters.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.6.1
No auth needed
Prerequisites:
Network access to OpenSMTPD port 25 · Python 3.x with pwntools
nomisec
WORKING POC
2 stars
by f4T1H21 · remote
https://github.com/f4T1H21/CVE-2020-7247
This repository contains a functional exploit for CVE-2020-7247, a remote code execution vulnerability in OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection flaw in the SMTP server's mail address parsing to execute arbitrary commands.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.4.0 < 6.6.1
No auth needed
Prerequisites:
Network access to the OpenSMTPD server · Valid recipient email address on the target server
nomisec
WORKING POC
2 stars
by presentdaypresenttime · poc
https://github.com/presentdaypresenttime/shai_hulud
This repository contains a functional Python-based worm that exploits CVE-2020-7247, a remote code execution vulnerability in OpenSMTPD 6.6.1. The exploit leverages a malformed 'MAIL FROM' command to execute arbitrary commands on vulnerable SMTP servers.
Classification
Working Poc 95%
Target:
OpenSMTPD 6.6.1p1
No auth needed
Prerequisites:
Network access to vulnerable OpenSMTPD server · Python environment with required libraries
nomisec
WORKING POC
1 stars
by minhluannguyen · remote
https://github.com/minhluannguyen/CVE-2020-7247-reproducer
This repository contains a functional exploit for CVE-2020-7247, demonstrating arbitrary command execution in OpenSMTPD via a crafted SMTP session. The exploit leverages command injection in the 'MAIL FROM' field to achieve remote code execution.
Classification
Working Poc 95%
Target:
OpenSMTPD 6.6.1p1
No auth needed
Prerequisites:
Network access to the SMTP port (25) · Vulnerable OpenSMTPD version
gitlab
WORKING POC
by f4T1H21 · remote
https://gitlab.com/f4T1H21/CVE-2020-7247
This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution by sending a crafted MAIL FROM command followed by a payload that triggers a reverse shell.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.4.0 < 6.6.1
No auth needed
Prerequisites:
Network access to the OpenSMTPD server · Valid recipient email address on the target server
nomisec
WORKING POC
by bytescrappers · remote
https://github.com/bytescrappers/CVE-2020-7247
This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD's 'smtp_mailaddr()' function. The exploit leverages a command injection vulnerability to achieve remote code execution (RCE) as root by sending a crafted SMTP payload.
Classification
Working Poc 95%
Target:
OpenSMTPD on OpenBSD 6.6
No auth needed
Prerequisites:
Network access to the target SMTP server · OpenSMTPD running on OpenBSD 6.6
metasploit
WORKING POC
EXCELLENT
by Qualys, wvu · rubypocunix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/smtp/opensmtpd_mail_from_rce.rb
This Metasploit module exploits a command injection vulnerability in OpenSMTPD's MAIL FROM field to achieve remote code execution as root. It uses a 'comment slide' technique to bypass input restrictions and deliver a payload via SMTP commands.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.4.0 - 6.6.1
No auth needed
Prerequisites:
Network access to OpenSMTPD port (25) · Valid mail recipient
exploitdb
WORKING POC
VERIFIED
by 1F98D · pythonremotelinux
https://www.exploit-db.com/exploits/47984
This exploit leverages a command injection vulnerability in OpenSMTPD by sending a maliciously crafted MAIL FROM command to execute arbitrary shell commands. The vulnerability arises from inadequate escaping of user-controlled input.
Classification
Working Poc 100%
Target:
OpenSMTPD < 6.6.2
No auth needed
Prerequisites:
Network access to the SMTP port (typically 25) · OpenSMTPD version < 6.6.2
exploitdb
WORKING POC
VERIFIED
by Marco Ivaldi · perlremoteopenbsd
https://www.exploit-db.com/exploits/48051
This exploit leverages CVE-2020-7247 in OpenSMTPD 6.4.0-6.6.1, where incorrect input validation in the `smtp_mailaddr` function allows command injection via shell metacharacters in the MAIL FROM field. It supports both local privilege escalation (LPE) and remote code execution (RCE) by sending a crafted SMTP session to execute arbitrary commands as root.
Classification
Working Poc 100%
Target:
OpenSMTPD 6.4.0 - 6.6.1
No auth needed
Prerequisites:
OpenSMTPD running with default or uncommented configuration · Network access to SMTP port (25) for RCE · Local access for LPE
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/48038
This Metasploit module exploits a command injection vulnerability in OpenSMTPD's MAIL FROM field to achieve remote code execution as root. It uses a comment slide technique to bypass input restrictions and deliver a payload.
Classification
Working Poc 100%
Target:
OpenSMTPD (versions with commit a8e222352f or later)
No auth needed
Prerequisites:
Network access to the SMTP port (default 25) · Valid recipient email address
vulncheck_xdb
WORKING POC
remote
https://github.com/0xdea/exploits
This repository contains functional exploit code for CVE-2020-7247, targeting OpenBSD's OpenSMTPD for local privilege escalation (LPE) and remote code execution (RCE). The exploits are well-documented and include multiple PoCs for various platforms and vulnerabilities.
Classification
Working Poc 100%
Target:
OpenBSD OpenSMTPD
No auth needed
Prerequisites:
Access to the target system · OpenSMTPD running on OpenBSD 6.4, 6.5, or 6.6