CVE-2022-33679
One-day exploit based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
Usage
usage: CVE-2022-33079.py [-h] [-ts] [-debug] [-dc-ip ip address] target serverName
Source: https://github.com/Bdenneu/CVE-2022-33679
(CVE-2022-41352) Zimbra Unauthenticated RCE
CVE-2022-41352 is an arbitrary file write vulnerability in Zimbra mail servers due to the use of a vulnerable cpio version.
CVE-2022-41352 (NIST.gov)
CVE-2022-41352 (Rapid7 Analysis)
Affected Zimbra versions:
Zimbra <9.0.0.p27
Zimbra <8.8.15.p34
(Refer to the patch notes for more details.)
Remediation:
To fix the vulnerability, apply the latest patch (9.0.0.p27 or 8.8.15.p34, respectively), or install pax and restart the server.
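A triage check for the remediation above, added here as an example (it is not code from the linked repository): it compares a Zimbra version banner against the two fixed patch levels and falls back to the pax mitigation. The banner format is an assumption modelled on `zmcontrol -v` output, the sample banners are constructed, and the function names are hypothetical.

```python
import re
import shutil

# Fixed patch levels named on this page: 9.0.0.p27 and 8.8.15.p34.
FIXED_PATCH = {(9, 0, 0): 27, (8, 8, 15): 34}

# Assumed banner shape (constructed sample):
# "Release 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18_64 FOSS edition, Patch 8.8.15_P33."
_RELEASE = re.compile(r"Release\s+(\d+)\.(\d+)\.(\d+)")
_PATCH = re.compile(r"Patch\s+\d+\.\d+\.\d+_P(\d+)")

def parse_version(banner):
    """Return ((major, minor, micro), patch_level), or None if unparseable."""
    rel = _RELEASE.search(banner)
    if rel is None:
        return None
    patch = _PATCH.search(banner)
    level = int(patch.group(1)) if patch else 0  # no "Patch" field: unpatched GA
    return tuple(int(x) for x in rel.groups()), level

def is_patched(banner):
    """True/False for release lines the page covers, None when it cannot tell."""
    parsed = parse_version(banner)
    if parsed is None:
        return None
    release, level = parsed
    if release in FIXED_PATCH:
        return level >= FIXED_PATCH[release]
    if release < (8, 8, 15):
        return False  # falls under "Zimbra <8.8.15.p34"
    return None  # release line not listed on the page; check the patch notes

def assess(banner, pax_present):
    """Classify a host from its banner and whether pax is installed."""
    patched = is_patched(banner)
    if patched:
        return "patched"
    if pax_present:
        return "mitigated-by-pax"  # the server still needs the restart
    return "unknown" if patched is None else "exposed"

if __name__ == "__main__":
    samples = [  # constructed banners, not captured from a real server
        "Release 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18_64 FOSS edition, Patch 8.8.15_P33.",
        "Release 9.0.0.GA.3924.UBUNTU20.64 UBUNTU20_64 FOSS edition, Patch 9.0.0_P27.",
    ]
    pax = shutil.which("pax") is not None  # checks the local PATH only
    for line in samples:
        print(assess(line, pax), "<-", line)
```

Run it on the mail server itself so the pax lookup reflects that host, and feed it the real banner in place of the constructed samples.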
Usage:
You can either use flags or edit the default configuration in the script manually (config block at the top). Use -h for help.
$ python cve-2022-41352.py -h
$ vi cve-2022-41352.py
# Change the config items.
$ python cve-2022-41352.py manual
# This will create an attachment that you can then send to the target server.
# The recipient does not necessarily have to exist: if the email with the attachment is parsed by the server, the arbitrary file write in cpio will be triggered.
Source: https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce