CVE-2022-28219 PoC — ZOHO ManageEngine ADAudit Plus Code Issue Vulnerability

Source
Associated Vulnerability
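Title: ZOHO ManageEngine ADAudit Plus Code Issue Vulnerability (CVE-2022-28219)
Description: ZOHO ManageEngine ADAudit Plus is a product from the US company ZOHO used to simplify auditing, demonstrate compliance, and detect threats. ZOHO ManageEngine ADAudit Plus before 7060 has a code issue vulnerability that an unauthenticated attacker can exploit to achieve remote code execution.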
Readme
Code to support my [CVE-2022-28219 analysis](https://attackerkb.com/topics/Zx3qJlmRGY/cve-2022-28219/rapid7-analysis).

To execute, with Ruby and Rubygems installed:

```
gem install httparty
ruby ./manageengine-poc.rb <target> <port> <domain> <your ip>
```

This is designed as a proof of concept, not a stable exploit. It only runs calc. :)
File Snapshot

```
[4.0K]  /data/pocs/047d1bec84b5d6b453d34f3ea38f4b00adc94334
├── [2.8K]  execute-calc.bin
├── [1.2K]  manageengine-get-password-hash.rb
├── [2.4K]  manageengine-list-files.rb
├── [ 251]  manageengine-plant-file.rb
├── [8.3K]  manageengine-poc.rb
└── [ 343]  README.md

0 directories, 6 files
```