CVE-2020-27955 PoC — Git LFS code issue vulnerability

Source
Associated Vulnerability
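Title: Git LFS code issue vulnerability (CVE-2020-27955)
Description: Git LFS is a command-line tool from the Git LFS team for handling large files in git projects. Git LFS version 2.12.0 has a code issue vulnerability that can lead to remote code execution.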
Readme
# Git-lfs Remote Code Execution (RCE) exploit CVE-2020-27955 (.bat / powershell version)
## Vulnerable: git, GitHub CLI (gh), GitHub Desktop, Visual Studio Code, SourceTree, SmartGit, GitKraken etc.

Discovered by **Dawid Golunski**
* https://legalhackers.com
* https://exploitbox.io

Tested on Windows on: 

git, GitHub CLI (gh), GitHub Desktop, Visual Studio Code, SourceTree, SmartGit, GitKraken etc.

Basically, the whole Windows dev world ;)

Check out the full advisories for details and patch information:

* https://exploitbox.io/vuln/Git-Git-LFS-RCE-Exploit-CVE-2020-27955.html
* https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html

Video PoC:
* https://youtu.be/tlptOf9w274

There's also a Go version of this exploit:
* https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go

```

                        .;lc'
                    .,cdkkOOOko;.
                 .,lxxkkkkOOOO000Ol'
             .':oxxxxxkkkkOOOO0000KK0x:'
          .;ldxxxxxxxxkxl,.'lk0000KKKXXXKd;.
       ':oxxxxxxxxxxo;.       .:oOKKKXXXNNNNOl.
      '';ldxxxxxdc,.              ,oOXXXNNNXd;,.
     .ddc;,,:c;.         ,c:         .cxxc:;:ox:
     .dxxxxo,     .,   ,kMMM0:.  .,     .lxxxxx:
     .dxxxxxc     lW. oMMMMMMMK  d0     .xxxxxx:
     .dxxxxxc     .0k.,KWMMMWNo :X:     .xxxxxx:
     .dxxxxxc      .xN0xxxxxxxkXK,      .xxxxxx:
     .dxxxxxc    lddOMMMMWd0MMMMKddd.   .xxxxxx:
     .dxxxxxc      .cNMMMN.oMMMMx'      .xxxxxx:
     .dxxxxxc     lKo;dNMN.oMM0;:Ok.    'xxxxxx:
     .dxxxxxc    ;Mc   .lx.:o,    Kl    'xxxxxx:
     .dxxxxxdl;. .,               .. .;cdxxxxxx:
     .dxxxxxxxxxdc,.              'cdkkxxxxxxxx:
      .':oxxxxxxxxxdl;.       .;lxkkkkkxxxxdc,.
          .;ldxxxxxxxxxdc, .cxkkkkkkkkkxd:.
             .':oxxxxxxxxx.ckkkkkkkkxl,.
                 .,cdxxxxx.ckkkkkxc.
                    .':odx.ckxl,.
                        .,.'.
```

* https://exploitbox.io
* https://twitter.com/Exploit_Box


Stay tuned




File Snapshot

```
[4.0K] /data/pocs/32fe005e779c26b102e80ae5a1880c3ebd19b48a
├── [  16] big-bug-lfs-file.dat
├── [1.8K] git.bat
├── [1.9K] README.md
└── [ 503] revsh_powersh.ps1

0 directories, 4 files
```