Qmail SMTP Bash Environment Variable Injection (Shellshock)

Posted by deepcore on September 30, 2017 – 11:54 am

This Metasploit module exploits a shellshock vulnerability on Qmail, a public domain MTA written in C that runs on Unix systems. Due to the lack of validation on the MAIL FROM field, it is possible to execute shell code on a system with a vulnerable BASH (Shellshock). This flaw works on the latest Qmail versions (qmail-1.03 and netqmail-1.06). However, in order to execute code, /bin/sh has to be linked to bash (usually default configuration) and a valid recipient must be set on the RCPT TO field (usually admin@exampledomain.com). The exploit does not work on the “qmailrocks” community version as it ensures the MAILFROM field is well-formed.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Easy Blog PHP Script 1.3a SQL Injection PhpCollab 2.5.1 Shell Upload »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Qmail SMTP Bash Environment Variable Injection (Shellshock)

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL