Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-18935 PoC — Progress Telerik UI for ASP.NET AJAX 代码问题漏洞

Source
https://github.com/dust-life/CVE-2019-18935-memShell
Associated Vulnerability
Title:Progress Telerik UI for ASP.NET AJAX 代码问题漏洞 (CVE-2019-18935)
Description:Progress Telerik UI for ASP.NET AJAX是一款HTML编辑器。 Progress Telerik UI for ASP.NET AJAX 2019.3.1023及之前版本中的‘RadAsyncUpload’函数存在代码问题漏洞。远程攻击者可借助特制请求利用该漏洞在w3wp.exe进程上下文中执行任意代码。
Readme
# CVE-2019-18935-memShell
source [CVE-2019-18935-Memshell](https://mp.weixin.qq.com/s/DCn6zknFWShefAzmFa0zQA)

## Compile

```
csc /target:module empty.cs
cl /c memShell.cpp
link /DLL /LTCG /CLRIMAGETYPE:IJW /out:memShell.dll memShell.obj empty.netmodule
```
File Snapshot

 [4.0K]  /data/pocs/51285ef6d986b380ac3b2c1b53a8357b932db0fb
├── [  15]  empty.cs
├── [3.0K]  memShell.cpp
└── [ 259]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.