Introduction
CVE-2025-59287 - WSUS Exploitation Toolkit
by adel-h4x0a
⚠️ For Educational and Authorized Testing Purposes Only ⚠️
Overview
This toolkit demonstrates the exploitation of CVE-2025-59287, a remote code execution vulnerability in Windows Server Update Services (WSUS).
Components
1. Encryption Module (cve-2025-59287-encr.py)
· AES payload encryption for WSUS communication
· Support for both legacy and secure encryption modes
· Custom payload generation
2. Exploitation Module (cve-2025-59287-exp.py)
· Full exploitation chain for CVE-2025-59287
· Robust error handling and retry logic
· Custom payload support
Structure
```
📁 CVE-2025-59287-WSUS-Exploit/
├── 📄 cve-2025-59287-encr.py # Encryption module
├── 📄 cve-2025-59287-exp.py # Exploitation module
├── 📄 requirements.txt # Dependencies
└── 📄 README.md # This file
```
Usage
Prerequisites
```bash
pip install -r requirements.txt
```
Encryption
```bash
# Basic encryption
python cve-2025-59287-encr.py --command "calc" --mode legacy
# Encryption with custom key
python cve-2025-59287-encr.py --key "877C14E433638145AD21BD0C17393071" --command "whoami"
# Save output to file
python cve-2025-59287-encr.py --command "ipconfig" --output payload.txt
```
Exploitation
```bash
# Basic exploitation
python cve-2025-59287-exp.py http://wsus-server:8530
# With custom payload
python cve-2025-59287-exp.py http://192.168.1.100:8530 --payload custom_payload.txt
# With advanced settings
python cve-2025-59287-exp.py http://wsus-server:8530 --timeout 60 --retries 5
```
Options
Encryption Module (cve-2025-59287-encr.py)
· --key: AES key in hex format (optional)
· --command: Command to execute (default: calc)
· --mode: Encryption mode [`legacy`, `secure`] (default: legacy)
· --output: Output file to save payload (optional)
Exploitation Module (cve-2025-59287-exp.py)
· target: WSUS server URL (required)
· --payload: Custom base64 payload file (optional)
· --timeout: Request timeout in seconds (default: 30)
· --retries: Number of retry attempts (default: 3)
· --no-banner: Suppress banner display (optional)
Complete Example
```bash
# Generate custom payload
python cve-2025-59287-encr.py --command "whoami /all" --output custom_payload.txt
# Execute exploitation
python cve-2025-59287-exp.py http://wsus.internal.com:8530 --payload custom_payload.txt
```
Legal Disclaimer
❗ Important Warning:
This tool is provided for educational purposes and authorized penetration testing only. Unauthorized use against systems you do not own or have explicit permission to test is illegal.
This tool should only be used in:
· Testing environments that you own
· Systems for which you have obtained written permission to test
· Educational and academic purposes
The developer is not responsible for any illegal or unauthorized use of this tool.
License
This project is licensed under the MIT License.
Updates
· v1.0: Initial release with full exploitation support
· v1.1: Enhanced error handling and logging improvements
Contributing
Bug reports and pull requests are encouraged to improve the tool within the framework of responsible and ethical usage.
---
Note: Always obtain written permission before testing any system. Security awareness begins with responsibility. 🔒
File snapshot
[4.0K] /data/pocs/9718854828323819c7f1063a33e71357f90ca66f
├── [8.6K] cve-2025-59287-encr.py
├── [ 18K] cve-2025-59287-exp.py
├── [3.3K] README.md
└── [ 53] requirements.txt
1 directory, 4 files