CVE-2023-50387 PoC — Microsoft DNS Server 安全漏洞

Source

Associated Vulnerability

Title:Microsoft DNS Server 安全漏洞 (CVE-2023-50387)
Description:Microsoft DNS Server是美国微软（Microsoft）公司的一个服务。 Microsoft DNS Server存在安全漏洞。以下产品和版本受到影响：Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows Server 2022, 23H2 Edition (Se

Description

In this repository you can find the files used to try to produce a POC for the CVE-2023-50387

Readme

The DNS infrastructure used for this PoC was the one suggested on the SEED Labs, available at: https://seedsecuritylabs.org/Labs_20.04/Networking/DNS/DNSSEC/, with some minor changes. 
The infrastructure, consists of a root server, a top-level domain server for edu, a domain server for example.edu, and a local DNS server.
![image](https://github.com/Meirelez/SSR-DNSSEC/assets/35565242/17b78a1e-1441-4df8-94b3-35fe06f12904)

File Snapshot


 [4.0K]  /data/pocs/4c99ad9a787ad5abc068ff4556409546758fd1e4
├── [4.0K]  Colliding Keys
│   ├── [4.0K]  1
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  10
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  11
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  2
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  3
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  4
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  5
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  6
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  7
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   ├── [4.0K]  8
│   │   ├── [ 342]  Kexample.edu.+013+34345.key
│   │   └── [ 187]  Kexample.edu.+013+34345.private
│   └── [4.0K]  9
│       ├── [ 342]  Kexample.edu.+013+34345.key
│       └── [ 187]  Kexample.edu.+013+34345.private
├── [2.1K]  example.edu.db
├── [5.6K]  example.edu.db.signed
├── [ 582]  KeyGenerator.sh
├── [1.8K]  KeySigGen.py
└── [ 426]  README.md

12 directories, 27 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!