CVE-2020-0688 PoC — Microsoft Exchange Server 授权问题漏洞

Source

https://github.com/zcgonvh/CVE-2020-0688

Associated Vulnerability

Title:Microsoft Exchange Server 授权问题漏洞 (CVE-2020-0688)
Description:A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

Description

Exploit and detect tools for CVE-2020-0688

Readme

## Exploit and detect tools for CVE-2020-0688(Microsoft Exchange default MachineKeySection deserialize vulnerability)

### build

	csc ExchangeCmd.cs
	csc ExchangeDetect.cs

### usage
	ExchangeDetect <target> <user> <pass>

 ![](https://raw.githubusercontent.com/zcgonvh/CVE-2020-0688/master/detect.png)
 
	ExchangeCmd <target> <user> <pass>
	sub commands:
		exec <cmd> [args]
		  exec command
			
		arch
		  get remote process architecture(for shellcode)
			
		shellcode <shellcode.bin>
		  run shellcode
			
		exit
		  exit program
![](https://raw.githubusercontent.com/zcgonvh/CVE-2020-0688/master/exp.png)

for more information, read [writeup.pdf](https://raw.githubusercontent.com/zcgonvh/CVE-2020-0688/master/writeup.pdf)(in chinese).

File Snapshot


 [4.0K]  /data/pocs/d11f6e1e32a7a452fd3aa4a02567e6c67fe801f9
├── [3.8K]  detect.png
├── [120K]  ExchangeCmd.cs
├── [ 13K]  ExchangeDetect.cs
├── [ 17K]  exp.png
├── [ 740]  README.md
├── [4.9K]  RemoteStub.cs
└── [1.8M]  writeup.pdf

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!