CVE-2022-28219 PoC: ZOHO ManageEngine ADAudit Plus Code Issue Vulnerability

Associated Vulnerability
Title: ZOHO ManageEngine ADAudit Plus Code Issue Vulnerability (CVE-2022-28219)
Description: Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
Readme
Code to support my [CVE-2022-28219 analysis](https://attackerkb.com/topics/Zx3qJlmRGY/cve-2022-28219/rapid7-analysis).

To execute, with Ruby and Rubygems installed:

```
gem install httparty
ruby ./manageengine-poc.rb <target> <port> <domain> <your ip>
```

This is designed as a proof of concept, not a stable exploit. It only runs calc. :)
File Snapshot

```
[4.0K] /data/pocs/047d1bec84b5d6b453d34f3ea38f4b00adc94334
├── [2.8K] execute-calc.bin
├── [1.2K] manageengine-get-password-hash.rb
├── [2.4K] manageengine-list-files.rb
├── [ 251] manageengine-plant-file.rb
├── [8.3K] manageengine-poc.rb
└── [ 343] README.md

0 directories, 6 files
```