module

Solaris LPD Command Execution

Disclosed
2001-08-31
Created
2018-05-30

Description

This module exploits an arbitrary command execution flaw in
the in.lpd service shipped with all versions of Sun Solaris
up to and including 8.0. This module uses a technique
discovered by Dino Dai Zovi to exploit the flaw without
needing to know the resolved name of the attacking system.

Authors

hdm x@hdm.io
ddz ddz@theta44.org

Platform

Solaris,Unix

Architectures

cmd

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


msf > use exploit/solaris/lpd/sendmail_exec
msf exploit(sendmail_exec) > show targets
...targets...
msf exploit(sendmail_exec) > set TARGET < target-id >
msf exploit(sendmail_exec) > show options
...show and set options...
msf exploit(sendmail_exec) > exploit

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.