Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-28169 PoC — Kenhys Td Agent Builder 权限许可和访问控制问题漏洞

Source
https://github.com/zubrahzz/FluentD-TD-agent-Exploit-CVE-2020-28169
Associated Vulnerability
Title:Kenhys Td Agent Builder 权限许可和访问控制问题漏洞 (CVE-2020-28169)
Description:The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.
Description
Insecure Folder permission that lead to privilege escalation
Readme
# FluentD-TD-agent-WindowsExploit <V4.0.1 CVE-2020-28169
Insecure Folder permission that leads to privilege escalation
Download URL:
https://td-agent-package-browser.herokuapp.com/4/windows
File Snapshot

 [4.0K]  /data/pocs/5cc039db2c06845c6b8af86ad97b226f7d183f7a
├── [330K]  FluentD-TdAgent Windows POC.doc
└── [ 191]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →