Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2020-17144 PoC — Microsoft Exchange Remote Code Execution Vulnerability

Source
https://github.com/zcgonvh/CVE-2020-17144
Associated Vulnerability
Title:Microsoft Exchange Remote Code Execution Vulnerability (CVE-2020-17144)
Description:Microsoft Exchange Remote Code Execution Vulnerability
Description
weaponized tool for CVE-2020-17144
Readme
## weaponized tool for CVE-2020-17144(Microsoft Exchange 2010 MRM.AutoTag.Model unsafe deserialize vulnerability)

### build

install .net framework 3.5 first, then `make`. 

### usage
	CVE-2020-17144 <target> <user> <pass>

After exploit, access http://[target]/ews/soap/?pass=whoami to get command execution.

![](https://raw.githubusercontent.com/zcgonvh/CVE-2020-17144/master/exp.jpg)

And you can also modify e.cs as a customize exp.

for more information, read [my-blog-post](http://www.zcgonvh.com/post/analysis_of_CVE-2020-17144_and_to_weaponizing.html)(in chinese).
File Snapshot

 [4.0K]  /data/pocs/4dbd26478a35332d4d311b48bcd60a8155262ce2
├── [8.3K]  CVE-2020-17144.cs
├── [2.5K]  e.cs
├── [6.9K]  exp.jpg
├── [ 169]  make.bat
├── [1.0M]  Microsoft.Exchange.WebServices.dll
└── [ 574]  README.md

0 directories, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →