Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-17099 PoC — Flexense SyncBreeze Enterprise HTTP服务器缓冲区错误漏洞

Source
https://github.com/wetw0rk/Exploit-Development
Associated Vulnerability
Title:Flexense SyncBreeze Enterprise HTTP服务器缓冲区错误漏洞 (CVE-2017-17099)
Description:There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows SYSTEM account.
Description
CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002
Readme
# Developed Exploits

This repository will contain any exploit or proof of concept code I release publicly. In addition to this, I will include Metasploit Modules, and ported exploits.

## Metasploit Modules

This directory will contain all Metasploit modules I've developed. Note that code within this directory may be a standalone PoC in another directory.

## Ported Exploits

Exploitation is one of the hardest skills to master as a Hacker. This directory will contain vulnerabilities I have not personally discovered, but instead re-created. In order to truly understand attacks, you must take apart an exploit and try to recreate it yourself. Keep in mind this repository only contains code published on other websites / blogs. I WILL NOT place every exploit I port here (would be a lot larger).
File Snapshot

 [4.0K]  /data/pocs/232172844818f73d7d1197ff84b14be4e3583040
├── [1.0K]  LICENSE.md
├── [4.0K]  Metasploit-Modules
│   ├── [8.1K]  erlang_cookie_rce.rb
│   ├── [5.5K]  pfsense_graph_injection_exec.rb
│   └── [5.3K]  syncbreeze_bof.rb
├── [4.0K]  Personal-Exploits
│   ├── [4.0K]  DELL EMC OneFS Storage Administration 8.1.2.0 - Authenticated RCE
│   │   ├── [4.0K]  images
│   │   │   ├── [ 25K]  admin-side.png
│   │   │   ├── [ 47K]  bruteforce.png
│   │   │   ├── [ 23K]  fssh.png
│   │   │   ├── [ 42K]  ftp-settings.png
│   │   │   └── [ 24K]  logged-in-shell.png
│   │   ├── [2.8K]  isilon-onefs-brute.py
│   │   ├── [4.0K]  isilon-onefs-ftp-exploit.py
│   │   └── [3.8K]  README.md
│   ├── [4.0K]  Nimsoft nimcontroller 7.80 - Unauthenticated RCE
│   │   └── [ 35K]  poc_release.c
│   ├── [ 437]  README.md
│   ├── [4.0K]  SyncBreeze Enterprise v10.1.16 - Unauthenticated RCE
│   │   ├── [4.0K]  images
│   │   │   └── [292K]  w00t.png
│   │   ├── [ 533]  README.md
│   │   └── [5.3K]  sploit-PoC.py
│   ├── [4.0K]  Sysdig Monitor - Kubernetes Post Exploitation
│   │   ├── [4.6K]  README.md
│   │   └── [8.5K]  sysdig_extract.py
│   └── [4.0K]  VXSearch v10.2.14 - Local Code Execution
│       ├── [4.0K]  images
│       │   └── [107K]  Proof.png
│       ├── [ 319]  README.md
│       └── [ 11K]  vxSearchSploitWin7.py
├── [4.0K]  Ported-Exploits
│   ├── [2.0K]  allok-exploit.py
│   ├── [3.8K]  CVE-2003-0727.py
│   ├── [3.6K]  CVE-2006-6184.py
│   ├── [4.9K]  CVE-2017-18047.py
│   ├── [4.5K]  CVE-2019-1003000_CVE-2018-1999002_exploit_chain.py
│   ├── [4.2K]  mysql_UDF_pwnage.py
│   └── [3.2K]  webdav_exploit.py
└── [ 802]  README.md

11 directories, 30 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →