Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0601 PoC — Microsoft Windows CryptoAPI 信任管理问题漏洞

Source
https://github.com/eastmountyxz/CVE-2018-20250-WinRAR
Associated Vulnerability
Title:Microsoft Windows CryptoAPI 信任管理问题漏洞 (CVE-2020-0601)
Description:A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Description
这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油!
Readme
# CVE-2018-20250-WinRAR
这资源是作者复现WinRAR漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油!
File Snapshot

 [4.0K]  /data/pocs/40cdb2875aa349abdc7ec09e283d060bfa209ed6
├── [4.0K]  CVE-2018-20250-master
│   ├── [155K]  acefile.py
│   ├── [ 27K]  calc.exe
│   ├── [4.1K]  exp.py
│   ├── [  17]  hello.txt
│   ├── [ 27K]  test.rar
│   └── [  17]  world.txt
└── [ 299]  README.md

1 directory, 7 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →