CVE-2020-7247

This exploit leverages CVE-2020-7247 in OpenSMTPD 6.4.0-6.6.1, where incorrect input validation in the `smtp_mailaddr` function allows command injection via shell metacharacters in the MAIL FROM field. It supports both local privilege escalation (LPE) and remote code execution (RCE) by sending a crafted SMTP session to execute arbitrary commands as root.

This Metasploit module exploits a command injection vulnerability in OpenSMTPD's MAIL FROM field to achieve remote code execution as root. It uses a comment slide technique to bypass input restrictions and deliver a payload.

This exploit leverages a command injection vulnerability in OpenSMTPD by sending a maliciously crafted MAIL FROM command to execute arbitrary shell commands. The vulnerability arises from inadequate escaping of user-controlled input.

This repository contains a functional Python exploit for CVE-2020-7247, a remote command execution vulnerability in OpenSMTPD. The exploit leverages a flaw in the mail address parser to inject shell commands, allowing arbitrary file writes and command execution.

This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution via a crafted MAIL FROM command.

This repository contains a functional Go-based exploit for CVE-2020-7247, which targets OpenSMTPD versions prior to 6.6.2. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution by sending a crafted MAIL FROM command followed by a reverse shell payload.

This repository contains a functional Python exploit for CVE-2020-7247, targeting OpenSMTPD versions before 6.6.2. The exploit leverages improper input sanitization to inject shell commands via SMTP, achieving remote code execution.

This repository contains a functional Python-based worm that exploits CVE-2020-7247, a remote code execution vulnerability in OpenSMTPD 6.6.1. The exploit leverages a malformed 'MAIL FROM' command to execute arbitrary commands on vulnerable SMTP servers.

This repository contains a functional exploit for CVE-2020-7247, a command injection vulnerability in OpenSMTPD. The exploit leverages improper validation of email addresses in the `MAIL FROM` field to execute arbitrary commands via shell metacharacters.

This repository contains a functional exploit for CVE-2020-7247, a remote code execution vulnerability in OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection flaw in the SMTP server's mail address parsing to execute arbitrary commands.

This repository contains a functional exploit for CVE-2020-7247, demonstrating arbitrary command execution in OpenSMTPD via a crafted SMTP session. The exploit leverages command injection in the 'MAIL FROM' field to achieve remote code execution.

This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD versions 6.4.0 to 6.6.1. The exploit leverages a command injection vulnerability in the SMTP server to achieve remote code execution by sending a crafted MAIL FROM command followed by a payload that triggers a reverse shell.

This repository contains a functional exploit for CVE-2020-7247, targeting OpenSMTPD's 'smtp_mailaddr()' function. The exploit leverages a command injection vulnerability to achieve remote code execution (RCE) as root by sending a crafted SMTP payload.

This repository contains functional exploit code for CVE-2020-7247, targeting OpenBSD's OpenSMTPD for local privilege escalation (LPE) and remote code execution (RCE). The exploits are well-documented and include multiple PoCs for various platforms and vulnerabilities.

This Metasploit module exploits a command injection vulnerability in OpenSMTPD's MAIL FROM field to achieve remote code execution as root. It uses a 'comment slide' technique to bypass input restrictions and deliver a payload via SMTP commands.