漏洞详情： CVE-2020-0601

漏洞标题

漏洞描述

漏洞评分(CVSS)

漏洞类别

情报信息

0x1 POC 情报
Remote Code Execution Exploit
详情: https://github.com/nissan-sudo/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x2 POC 情报
Zeek package to detect CVE-2020-0601
详情: https://github.com/0xxon/cve-2020-0601
None
来源：POC-IN-GITHUB
0x3 POC 情报
A Windows Crypto Exploit
详情: https://github.com/SherlockSec/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x4 POC 情报
None
详情: https://github.com/JPurrier/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x5 POC 情报
Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts
详情: https://github.com/0xxon/cve-2020-0601-plugin
None
来源：POC-IN-GITHUB
0x6 POC 情报
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
详情: https://github.com/ly4k/CurveBall
None
来源：POC-IN-GITHUB
0x7 POC 情报
A PoC for CVE-2020-0601
详情: https://github.com/kudelskisecurity/chainoffools
None
来源：POC-IN-GITHUB
0x8 POC 情报
😂An awesome curated list of repos for CVE-2020-0601.
详情: https://github.com/RrUZi/Awesome-CVE-2020-0601
None
来源：POC-IN-GITHUB
0x9 POC 情报
Curated list of CVE-2020-0601 resources
详情: https://github.com/BlueTeamSteve/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x10 POC 情报
Proof of Concept for CVE-2020-0601
详情: https://github.com/saleemrashid/badecparams
None
来源：POC-IN-GITHUB
0x11 POC 情报
C++ based utility to check if certificates are trying to exploit CVE-2020-0601
详情: https://github.com/0xxon/cve-2020-0601-utils
None
来源：POC-IN-GITHUB
0x12 POC 情报
Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909
详情: https://github.com/Doug-Moody/Windows10_Cumulative_Updates_PowerShell
None
来源：POC-IN-GITHUB
0x13 POC 情报
None
详情: https://github.com/MarkusZehnle/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x14 POC 情报
CurveBall CVE exploitation
详情: https://github.com/YoannDqr/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x15 POC 情报
Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601
详情: https://github.com/thimelp/cve-2020-0601-Perl
None
来源：POC-IN-GITHUB
0x16 POC 情报
Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic
详情: https://github.com/dlee35/curveball_lua
None
来源：POC-IN-GITHUB
0x17 POC 情报
CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections.
详情: https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT
None
来源：POC-IN-GITHUB
0x18 POC 情报
None
详情: https://github.com/Ash112121/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x19 POC 情报
CVE-2020-0601 #curveball - Alternative Key Calculator
详情: https://github.com/gentilkiwi/curveball
None
来源：POC-IN-GITHUB
0x20 POC 情报
CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall/ChainOfFools)
详情: https://github.com/Hans-MartinHannibalLauridsen/CurveBall
None
来源：POC-IN-GITHUB
0x21 POC 情报
PoC for "CurveBall" CVE-2020-0601
详情: https://github.com/apodlosky/PoC_CurveBall
None
来源：POC-IN-GITHUB
0x22 POC 情报
PoC for CVE-2020-0601 - CryptoAPI exploit
详情: https://github.com/ioncodes/Curveball
None
来源：POC-IN-GITHUB
0x23 POC 情报
proof of concept for CVE-2020-0601
详情: https://github.com/amlweems/gringotts
None
来源：POC-IN-GITHUB
0x24 POC 情报
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall
详情: https://github.com/yanghaoi/CVE-2020-0601
None
来源：POC-IN-GITHUB
0x25 POC 情报
Resources related to CurveBall (CVE-2020-0601) detection
详情: https://github.com/talbeerysec/CurveBallDetection
None
来源：POC-IN-GITHUB
0x26 POC 情报
PoC for CVE-2020-0601 vulnerability (Code Signing)
详情: https://github.com/david4599/CurveballCertTool
None
来源：POC-IN-GITHUB
0x27 POC 情报
这资源是作者复现微软签字证书漏洞CVE-2020-0601，结合相关资源及文章实现。推荐大家结合作者博客，理解ECC算法、Windows验证机制，并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者，自己确实很菜，但希望坚持下去，加油！
详情: https://github.com/eastmountyxz/CVE-2020-0601-EXP
None
来源：POC-IN-GITHUB
0x28 POC 情报
这资源是作者复现微软签字证书漏洞CVE-2020-0601，结合相关资源及文章实现。推荐大家结合作者博客，复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者，自己确实很菜，但希望坚持下去，一起加油！
详情: https://github.com/eastmountyxz/CVE-2018-20250-WinRAR
None
来源：POC-IN-GITHUB
0x29 POC 情报
CVE-2020-0601 proof of concept
详情: https://github.com/gremwell/cve-2020-0601_poc
None
来源：POC-IN-GITHUB
0x30 POC 情报
Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601)
详情: https://github.com/bsides-rijeka/meetup-2-curveball
None
来源：POC-IN-GITHUB
0x31 POC 情报
None
详情: https://github.com/exploitblizzard/CVE-2020-0601-spoofkey
None
来源：POC-IN-GITHUB
0x32 POC 情报
Implementing CVE-2020-0601
详情: https://github.com/ShayNehmad/twoplustwo
None
来源：POC-IN-GITHUB
0x33 POC 情报
None
详情: https://github.com/okanulkr/CurveBall-CVE-2020-0601-PoC
None
来源：POC-IN-GITHUB
0x34 POC 情报
2017-0021
详情: https://github.com/cimashiro/-Awesome-CVE-2020-0601-
None
来源：POC-IN-GITHUB
0x35 POC 情报
simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers
详情: https://github.com/tyj956413282/curveball-plus
None
来源：POC-IN-GITHUB
0x36 POC 情报
Demonstration of CVE-2020-0601 aka curveball. Based on the PoC's available at https://github.com/kudelskisecurity/chainoffools and https://github.com/ly4k/CurveBall
详情: https://github.com/JoelBts/CVE-2020-0601_PoC
None
来源：POC-IN-GITHUB