msf replication samba remote code execution vulnerability - immediate security

Posted by lipsius at 2020-03-23

1. Use docker to build (Linux? Samba)

After downloading, let's confirm whether docker Samba has been successfully opened:


Cve-2017-7494 Download: / modules / exploits / Linux / Samba / is_known_pipename.rb

Copy the ruby script to Kali's directory / usr / share / Metasploit framework / modules / exploits / Linux / Samba /

Start msfconsole and choose to use the is? Known? Pipename module:

Use the options option to view the parameters we need to set:

We can see that we only need to set the target IP.

Set target IP:


Verify that the vulnerability was successfully exploited:

As you can see, we have successfully obtained the root permission of the target.

Video presentation: