Skip to content

Instantly share code, notes, and snippets.

View NoorQureshi's full-sized avatar

Noor Qureshi NoorQureshi

View GitHub Profile
@NoorQureshi
NoorQureshi / apache-james-exploit.py
Created October 12, 2017 22:20 — forked from kjiwa/apache-james-exploit.py
An exploit for Apache James 2.3.2 that executes remote commands. https://crimsonglow.ca/~kjiwa/#/exploiting-apache-james
"""An exploit for Apache James 2.3.2 that executes remote commands.
This script creates a new user and enqueues a payload to be executed the next
time a user logs in to the machine. The vulnerability is documented in
CVE-2015-7611.
For more details, see http://www.securityfocus.com/bid/76933 and
https://www.exploit-db.com/exploits/35513/.
"""