### [CVE-2007-2447](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.

### POC

#### Reference
- http://securityreason.com/securityalert/2700

#### Github
- https://github.com/0xConstant/CVE-2007-2447
- https://github.com/0xConstant/ExploitDevJourney
- https://github.com/0xKn/CVE-2007-2447
- https://github.com/0xTabun/CVE-2007-2447
- https://github.com/0xkasra/CVE-2007-2447
- https://github.com/0xkasra/ExploitDevJourney
- https://github.com/3t4n/samba-3.0.24-CVE-2007-2447-vunerable-
- https://github.com/3x1t1um/CVE-2007-2447
- https://github.com/4n0nym0u5dk/usermap_script_CVE-2007-2447
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Alien0ne/CVE-2007-2447
- https://github.com/Anekant-Singhai/Exploits
- https://github.com/AveryVaughn/forCVE
- https://github.com/Aviksaikat/CVE-2007-2447
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/Desm0ndChan/OSCP-cheatsheet
- https://github.com/G01d3nW01f/CVE-2007-2447
- https://github.com/GaloisInc/msf-haskell
- https://github.com/H3xL00m/CVE-2007-2447
- https://github.com/HerculesRD/PyUsernameMapScriptRCE
- https://github.com/IamLucif3r/CVE-2007-2447-Exploit
- https://github.com/JoseBarrios/CVE-2007-2447
- https://github.com/Juantos/cve-2007-2447
- https://github.com/Ki11i0n4ir3/CVE-2007-2447
- https://github.com/Ki11i0n4ir3/Sambaster
- https://github.com/Kr1tz3x3/HTB-Writeups
- https://github.com/MikeRega7/CVE-2007-2447-RCE
- https://github.com/Nosferatuvjr/Samba-Usermap-exploit
- https://github.com/Patrick122333/4240project
- https://github.com/SamHackingArticles/CVE-2007-2447
- https://github.com/ShivamDey/Samba-CVE-2007-2447-Exploit
- https://github.com/Sp3c73rSh4d0w/CVE-2007-2447
- https://github.com/Tamie13/Penetration-Testing-Week-16
- https://github.com/Unix13/metasploitable2
- https://github.com/WildfootW/CVE-2007-2447_Samba_3.0.25rc3
- https://github.com/Y2FuZXBh/exploits
- https://github.com/Ziemni/CVE-2007-2447-in-Python
- https://github.com/amriunix/CVE-2007-2447
- https://github.com/b1fair/smb_usermap
- https://github.com/bdunlap9/CVE-2007-2447_python
- https://github.com/c0d3cr4f73r/CVE-2007-2447
- https://github.com/cherrera0001/CVE-2007-2447
- https://github.com/crypticdante/CVE-2007-2447
- https://github.com/gwyomarch/Lame-HTB-Writeup-FR
- https://github.com/hussien-almalki/Hack_lame
- https://github.com/jwardsmith/Penetration-Testing
- https://github.com/k4u5h41/CVE-2007-2447
- https://github.com/macosta-42/Exploit-Development
- https://github.com/marcocastro100/Intrusion_Detection_System-Python
- https://github.com/mmezirard/cve-2007-2447
- https://github.com/mr-l0n3lly/CVE-2007-2447
- https://github.com/n3masyst/n3masyst
- https://github.com/n3ov4n1sh/CVE-2007-2447
- https://github.com/nickvourd/smb-usermap-destroyer
- https://github.com/oscar-rk/CTF-Writeups
- https://github.com/oscar-rk/exploits
- https://github.com/ozuma/CVE-2007-2447
- https://github.com/pulkit-mital/samba-usermap-script
- https://github.com/pwnd-root/exploits-and-stuff
- https://github.com/s4msec/CVE-2007-2447
- https://github.com/skeeperloyaltie/network
- https://github.com/tarikemal/exploit-ftp-samba
- https://github.com/testaross4/CVE-2007-2447
- https://github.com/un4gi/CVE-2007-2447
- https://github.com/vasev85/exploit
- https://github.com/voukatas/PenTest_Metasploitable2
- https://github.com/xbufu/CVE-2007-2447
- https://github.com/xlcc4096/exploit-CVE-2007-2447
- https://github.com/ygbull/Capstone
- https://github.com/yukitsukai47/PenetrationTesting_cheatsheet