POC details: 36b150479aab0e64e0f6d6b8c026307e5f0c0f5b

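Source
Related vulnerability
Title: Microsoft SharePoint Server security vulnerability (CVE-2025-53770)
Description: Microsoft SharePoint Server is a collaboration platform from Microsoft, a U.S. company. Microsoft SharePoint Server contains a security vulnerability that stems from deserialization of untrusted data and may lead to remote code execution.
Description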
Exploit tool for SharePoint WebPart Injection via ToolPane.aspx, enabling .NET deserialization and remote code execution. 🛠️🔍 Secure your SharePoint now!
Introduction
# CVE-2025-53770: SharePoint WebPart Injection Exploit Tool

![CVE-2025-53770](https://img.shields.io/badge/CVE-2025--53770-Exploit-blue.svg)  
[![Download Release](https://img.shields.io/badge/Download%20Release-%E2%9D%97-brightgreen)](https://github.com/bijikutu/CVE-2025-53770-Exploit/releases)

## Overview

The **CVE-2025-53770** repository provides a tool designed for exploiting vulnerabilities in SharePoint through WebPart injection. This tool aims to help security professionals assess the security of their SharePoint environments by demonstrating how an attacker could exploit this specific vulnerability.

## Table of Contents

- [Features](#features)
- [Installation](#installation)
- [Usage](#usage)
- [Contributing](#contributing)
- [License](#license)
- [Contact](#contact)

## Features

- **Exploit Vulnerability**: This tool targets the CVE-2025-53770 vulnerability, allowing users to test their SharePoint setups.
- **User-Friendly Interface**: Designed with ease of use in mind, making it accessible for both seasoned professionals and newcomers.
- **Detailed Documentation**: Comprehensive guides to help users understand the tool and its capabilities.
- **Active Development**: Regular updates and improvements based on user feedback and ongoing research.

## Installation

To get started, you need to download the latest release. You can find it [here](https://github.com/bijikutu/CVE-2025-53770-Exploit/releases). Download the appropriate file for your system, then execute it according to the provided instructions.

### Requirements

- **Operating System**: Compatible with Windows, Linux, and macOS.
- **Dependencies**: Ensure you have the necessary libraries installed. Check the `requirements.txt` file in the repository for a complete list.

### Steps to Install

1. **Download the Release**: Visit the [Releases](https://github.com/bijikutu/CVE-2025-53770-Exploit/releases) section and download the latest version.
2. **Extract the Files**: Unzip the downloaded file to your desired location.
3. **Install Dependencies**: Run the following command to install any required libraries:

   ```bash
   pip install -r requirements.txt
   ```

4. **Run the Tool**: Navigate to the directory where you extracted the files and execute the main script:

   ```bash
   python exploit.py
   ```

## Usage

Using the CVE-2025-53770 exploit tool is straightforward. Follow these steps to run your first test:

1. **Open Terminal or Command Prompt**: Navigate to the directory containing the tool.
2. **Execute the Tool**: Use the following command:

   ```bash
   python exploit.py --target <target-url>
   ```

   Replace `<target-url>` with the URL of the SharePoint site you wish to test.

3. **View Results**: The tool will provide output indicating whether the vulnerability exists and details of the exploit.

### Example Command

```bash
python exploit.py --target http://example-sharepoint-site.com
```

## Contributing

We welcome contributions from the community. If you want to contribute to the CVE-2025-53770 project, please follow these steps:

1. **Fork the Repository**: Click the "Fork" button at the top right of the repository page.
2. **Clone Your Fork**: Clone your fork to your local machine:

   ```bash
   git clone https://github.com/<your-username>/CVE-2025-53770-Exploit.git
   ```

3. **Create a Branch**: Create a new branch for your feature or fix:

   ```bash
   git checkout -b feature-name
   ```

4. **Make Changes**: Implement your changes, making sure to follow the coding standards and guidelines.
5. **Commit Changes**: Commit your changes with a clear message:

   ```bash
   git commit -m "Description of changes"
   ```

6. **Push Changes**: Push your changes to your fork:

   ```bash
   git push origin feature-name
   ```

7. **Create a Pull Request**: Navigate to the original repository and create a pull request from your fork.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.

## Contact

For questions or support, feel free to reach out:

- **Email**: support@example.com
- **GitHub Issues**: Use the Issues tab on this repository for any bugs or feature requests.

## Acknowledgments

- Thanks to the contributors and the community for their ongoing support.
- Special thanks to the security researchers who help identify vulnerabilities.

## Additional Resources

- [OWASP](https://owasp.org) - Open Web Application Security Project for further reading on web security.
- [CVE Details](https://cvedetails.com) - Comprehensive database of CVEs.

For more detailed insights, please refer to the official documentation and guides available in this repository.
File snapshot

[4.0K] /data/pocs/36b150479aab0e64e0f6d6b8c026307e5f0c0f5b
├── [4.1K] exploit.py
├── [4.7K] README.md
└── [ 105] requirements.txt

0 directories, 3 files