关联漏洞
描述
Scanner for CVE-2025-53770, a SharePoint vulnerability. Check if your server is vulnerable and extract version info. 🛠️🔍
介绍
# CVE-2025-53770: SharePoint RCE Vulnerability Scanner 🛡️
## Overview
This repository contains a scanner for the SharePoint CVE-2025-53770 remote code execution (RCE) zero-day vulnerability. This tool aims to help security professionals and developers identify systems that may be vulnerable to this specific exploit.
## Table of Contents
- [Features](#features)
- [Installation](#installation)
- [Usage](#usage)
- [Technical Details](#technical-details)
- [Contributing](#contributing)
- [License](#license)
- [Contact](#contact)
## Features
- **Detect Vulnerability**: Quickly identify if your SharePoint instance is vulnerable to CVE-2025-53770.
- **Easy to Use**: Designed with a simple command-line interface.
- **Open Source**: Fully open-source, allowing for community contributions and improvements.
- **Regular Updates**: Stay informed with the latest updates in the "Releases" section.
## Installation
To install the scanner, follow these steps:
1. **Clone the Repository**:
```bash
git clone https://github.com/Hassanopop/CVE-2025-53770.git
cd CVE-2025-53770
```
2. **Download the Latest Release**:
Visit the [Releases section](https://github.com/Hassanopop/CVE-2025-53770/releases) to find the latest version. Download and execute the file to set up the scanner.
3. **Install Dependencies**:
Make sure to install the required dependencies. Use the following command:
```bash
pip install -r requirements.txt
```
## Usage
To use the scanner, follow these steps:
1. **Run the Scanner**:
Execute the scanner with the following command:
```bash
python scanner.py <target-url>
```
Replace `<target-url>` with the URL of the SharePoint instance you want to test.
2. **Check the Results**:
After running the scanner, review the output for any vulnerabilities detected.
3. **Regular Updates**:
Keep an eye on the [Releases section](https://github.com/Hassanopop/CVE-2025-53770/releases) for updates and improvements.
## Technical Details
### Vulnerability Description
CVE-2025-53770 is a critical vulnerability that allows an attacker to execute arbitrary code on a vulnerable SharePoint server. This exploit can lead to data breaches and unauthorized access to sensitive information.
### How the Scanner Works
The scanner works by sending specific payloads to the SharePoint server and analyzing the response. If the server responds in a way that indicates vulnerability, the scanner flags it.
### Supported Platforms
- Windows
- Linux
- macOS
### Dependencies
- Python 3.x
- Requests library
- Other libraries listed in `requirements.txt`
## Contributing
We welcome contributions from the community. To contribute:
1. Fork the repository.
2. Create a new branch for your feature or fix.
3. Make your changes and commit them.
4. Push your branch and create a pull request.
Please ensure that your code adheres to the existing style and includes appropriate tests.
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Contact
For questions or support, please reach out via the Issues section on GitHub. You can also contact the repository owner directly.
---
**Note**: Always test in a safe environment and ensure compliance with legal regulations before using this tool on production systems.
文件快照
[4.0K] /data/pocs/287ff1c05904d25413c41128ae59d25d38f093a0
├── [4.0K] cmd
│ └── [2.7K] main.go
├── [ 848] Dockerfile
├── [ 169] go.mod
├── [1.6K] go.sum
├── [ 48] Makefile
├── [4.0K] pkg
│ └── [4.0K] payload
│ ├── [2.4K] extract.go
│ ├── [3.3K] payload.go
│ ├── [1.7K] test.go
│ └── [ 685] test_payload.go
└── [3.5K] README.md
3 directories, 10 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。