CVE-2020-0601 PoC — Microsoft Windows CryptoAPI 信任管理问题漏洞

Source

https://github.com/tyj956413282/curveball-plus

Associated Vulnerability

Title:Microsoft Windows CryptoAPI 信任管理问题漏洞 (CVE-2020-0601)
Description:A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

Description

simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers

Readme

# curveball-plus
simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers

This file is constantly updated!

File Snapshot


 [4.0K]  /data/pocs/c96e8f757d85b02437d3e5d5ada4f0c6c09a5f6b
├── [1.7K]  color.h
├── [4.6K]  curveball.cpp
├── [ 362]  curveball.h
├── [ 19K]  ecqv.cpp
├── [3.3K]  ecqv.h
├── [2.6K]  encode_wincert.cpp
├── [ 198]  encode_wincert.h
├── [ 641]  head.h
├── [ 822]  main.cpp
├── [4.7K]  make_cert.cpp
├── [ 504]  make_cert.h
├── [ 12K]  minimum_cache.cpp
├── [3.1K]  my_ctl_cache.h
├── [3.4K]  my_storage_ctx.cpp
├── [6.2K]  normal_cache.cpp
├── [ 172]  README.md
├── [2.7K]  test_1_ecqv.cpp
├── [ 526]  test_2_encode_wincert.cpp
├── [ 14K]  test_3_validate_cert.cpp
├── [2.4K]  test_4_curveball_explicit.cpp
├── [2.7K]  test_6.cpp
├── [2.4K]  test_7.cpp
├── [ 521]  test.h
├── [6.4K]  validate_cert.cpp
├── [ 337]  validate_cert.h
└── [6.0K]  wincert.cpp

0 directories, 26 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!