Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts
详情: https://github.com/0xxon/cve-2020-0601-plugin
None
😂An awesome curated list of repos for CVE-2020-0601.
详情: https://github.com/RrUZi/Awesome-CVE-2020-0601
None
C++ based utility to check if certificates are trying to exploit CVE-2020-0601
详情: https://github.com/0xxon/cve-2020-0601-utils
None
Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909
详情: https://github.com/Doug-Moody/Windows10_Cumulative_Updates_PowerShell
None
Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601
详情: https://github.com/thimelp/cve-2020-0601-Perl
None
Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic
详情: https://github.com/dlee35/curveball_lua
None
CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections.
详情: https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT
None
CVE-2020-0601 #curveball - Alternative Key Calculator
详情: https://github.com/gentilkiwi/curveball
None
CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall/ChainOfFools)
详情: https://github.com/Hans-MartinHannibalLauridsen/CurveBall
None
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall
详情: https://github.com/yanghaoi/CVE-2020-0601
None
Resources related to CurveBall (CVE-2020-0601) detection
详情: https://github.com/talbeerysec/CurveBallDetection
None
PoC for CVE-2020-0601 vulnerability (Code Signing)
详情: https://github.com/david4599/CurveballCertTool
None
这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,理解ECC算法、Windows验证机制,并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者,自己确实很菜,但希望坚持下去,加油!
详情: https://github.com/eastmountyxz/CVE-2020-0601-EXP
None
这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油!
详情: https://github.com/eastmountyxz/CVE-2018-20250-WinRAR
None
Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601)
详情: https://github.com/bsides-rijeka/meetup-2-curveball
None
simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers
详情: https://github.com/tyj956413282/curveball-plus
None
Demonstration of CVE-2020-0601 aka curveball. Based on the PoC's available at https://github.com/kudelskisecurity/chainoffools and https://github.com/ly4k/CurveBall
详情: https://github.com/JoelBts/CVE-2020-0601_PoC
None