Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0688 PoC — Microsoft Exchange Server 授权问题漏洞

Source
https://github.com/truongtn/cve-2020-0688
Associated Vulnerability
Title:Microsoft Exchange Server 授权问题漏洞 (CVE-2020-0688)
Description:A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
Description
I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that
Readme
# cve-2020-0688
I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that.\
Modify these inputs before running the file.\
url = "https://mail.something.com" #input 1*\
command = "cmd /c echo OOOPS!!! > c:/truongtn.txt" #input2*\
aspsession = "1111a11c-11ad-1c11-1111-1111122f5977"  # input3*\
File Snapshot

 [4.0K]  /data/pocs/1aeb47fbfa892462a4e1abcf145d865c30f6ffa2
├── [ 977]  cve-2020-0688.py
├── [ 44K]  fastjson.dll
├── [1.3M]  FSharp.Core.dll
├── [594K]  FSharp.Core.xml
├── [8.5K]  FsPickler.CSharp.dll
├── [ 34K]  FsPickler.CSharp.pdb
├── [ 14K]  FsPickler.CSharp.xml
├── [947K]  FsPickler.dll
├── [ 68K]  FsPickler.Json.dll
├── [100K]  FsPickler.Json.pdb
├── [6.0K]  FsPickler.Json.xml
├── [1.0M]  FsPickler.pdb
├── [129K]  FsPickler.xml
├── [1.2K]  LICENSE
├── [1.1M]  microsoft.identitymodel.dll
├── [1.3M]  Microsoft.PowerShell.Editor.dll
├── [ 22K]  NDesk.Options.dll
├── [638K]  Newtonsoft.Json.dll
├── [658K]  Newtonsoft.Json.xml
├── [ 367]  README.md
├── [5.7M]  System.Management.Automation.dll
├── [198K]  YamlDotNet.dll
├── [242K]  YamlDotNet.xml
├── [133K]  ysoserial.exe
├── [ 540]  ysoserial.exe.config
└── [170K]  ysoserial.pdb

0 directories, 26 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →