POC详情: 0bdadb1117f3449231797f81134f4fce10b1dec9

来源
https://github.com/LuemmelSec/CVE-2023-29357
关联漏洞
标题: Microsoft SharePoint 安全漏洞 (CVE-2023-29357)
描述:Microsoft SharePoint是美国微软(Microsoft)公司的一套企业业务协作平台。该平台用于对业务信息进行整合,并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。 Microsoft Office SharePoint存在安全漏洞。攻击者利用该漏洞可以提升权限。
介绍
Recreation of the SharePoint PoC for CVE-2023-29357 in C# with lots of help from ChatGPT.  
Build with .Net Version 4.7.2 in Visual Studio 2017   
Use NuGet Package manager to install any missing packages  
Yara rules for detection below  

Usage:  
```
CVE-2023-29357.exe http(s)://yoursharepoint.lol [-v]
```
![image](https://github.com/LuemmelSec/CVE-2023-29357/assets/58529760/eaa72166-7644-458c-8aeb-791d9e5fd205)

Huge shoutout to:  
[Jang](https://twitter.com/testanull) for being very supportive with explainations on exploit steps and his huge writeup:  
https://testbnull.medium.com/p2o-vancouver-2023-v%C3%A0i-d%C3%B2ng-v%E1%BB%81-sharepoint-pre-auth-rce-chain-cve-2023-29357-cve-2023-24955-ed97dcab131e  

[WhiteKnight](https://twitter.com/Chocapikk_) for his support and the Python exploit:  
https://github.com/Chocapikk/CVE-2023-29357  

[Florian Roth](https://twitter.com/cyb3rops) for his immediate efforts to provide YARA rules to help you protect against the usage of the current exploits:  
https://twitter.com/cyb3rops/status/1707678149448700270  
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_sharepoint_cve_2023_29357.yar
文件快照

 [4.0K]  /data/pocs/0bdadb1117f3449231797f81134f4fce10b1dec9
├── [4.0K]  CVE-2023-29357
│   ├── [1.7K]  App.config
│   ├── [6.9K]  CVE-2023-29357.csproj
│   ├── [1.4K]  packages.config
│   ├── [ 16K]  Program.cs
│   └── [4.0K]  Properties
│       └── [1.4K]  AssemblyInfo.cs
├── [1.1K]  CVE-2023-29357.sln
└── [1.1K]  README.md

2 directories, 7 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。