Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0688 PoC — Microsoft Exchange Server 授权问题漏洞

Source
https://github.com/tvdat20004/CVE-2020-0688
Associated Vulnerability
Title:Microsoft Exchange Server 授权问题漏洞 (CVE-2020-0688)
Description:A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.
Description
CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys
Readme
# CVE-2020-0688
- CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys


How to run
- ysonet.exe: download from [here](https://github.com/pwntester/ysoserial.net/actions/runs/16685788030/artifacts/3671092496)

- Run HTTP server: 
```
python3 -m http.server 8000
```
- Change `target_url` and your IP address in `pwsh` command.
- Install all python dependencies.
- Run `python3 exploit.py`
<img width="2312" height="1278" alt="image" src="https://github.com/user-attachments/assets/46744fc4-b3ef-4fe1-b35d-7cf1b9d950d1" />
File Snapshot

 [4.0K]  /data/pocs/43424f60b4947e8e05ab946dd44965d1215fec58
├── [6.1K]  exploit.py
├── [ 583]  README.md
├── [1.8K]  script.bat
└── [2.1M]  test.pdf

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →