Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-5837 PoC — Symantec Endpoint Protection 后置链接漏洞

Source
https://github.com/RedyOpsResearchLabs/SEP-14.2-Arbitrary-Write
Associated Vulnerability
Title:Symantec Endpoint Protection 后置链接漏洞 (CVE-2020-5837)
Description:Symantec Endpoint Protection(SEP)是美国赛门铁克(Symantec)公司的一套防病毒软件。该软件可跨物理和虚拟系统提供安全防护功能。 Symantec SEP 14.3之前版本中存在安全漏洞,该漏洞源于程序没有正确执行安全限制。攻击者可利用该漏洞提升权限。
Description
CVE-2020-5837 exploit
Readme
# CVE-2020-5837 exploit

The write up can be found in the blog of the RedyOps Labs: 

https://labs.redyops.com/index.php/2020/04/27/symantec-endpoint-protection-sep-14-2-eop-via-arbitrary-write/ 

### Third Party Tools
This exploit code, is heavily based on symboliclink-testing-tools which was Developed by James Forshaw. The symboliclink-testing-tools can be found here:

https://github.com/googleprojectzero/symboliclink-testing-tools
File Snapshot

 [4.0K]  /data/pocs/7665a9aa83d854f570875dfecb4d32eac84fb330
├── [ 438]  README.md
├── [8.1M]  SEP PoC.mkv
└── [4.0K]  src
    ├── [4.0K]  CommonUtils
    │   ├── [3.7K]  CommonUtils.cpp
    │   ├── [1.0K]  CommonUtils.h
    │   ├── [4.8K]  CommonUtils.vcxproj
    │   ├── [2.7K]  CommonUtils.vcxproj.filters
    │   ├── [ 168]  CommonUtils.vcxproj.user
    │   ├── [2.0K]  DirectoryObject.cpp
    │   ├── [4.5K]  FileOpLock.cpp
    │   ├── [ 789]  FileOpLock.h
    │   ├── [5.0K]  FileSymlink.cpp
    │   ├── [ 588]  FileSymlink.h
    │   ├── [1.6K]  Hardlink.cpp
    │   ├── [2.0K]  NativeSymlink.cpp
    │   ├── [2.2K]  ntimports.h
    │   ├── [5.2K]  RegistrySymlink.cpp
    │   ├── [ 13K]  ReparsePoint.cpp
    │   ├── [1.2K]  ReparsePoint.h
    │   ├── [1.8K]  ScopedHandle.cpp
    │   ├── [ 498]  ScopedHandle.h
    │   ├── [ 298]  stdafx.cpp
    │   ├── [ 270]  stdafx.h
    │   ├── [ 314]  targetver.h
    │   └── [1.3K]  typed_buffer.h
    ├── [4.0K]  Exploit
    │   ├── [3.1K]  Exploit.cpp
    │   ├── [1.2K]  Exploit.filters
    │   ├── [ 168]  Exploit.user
    │   ├── [5.0K]  Exploit.vcxproj
    │   ├── [ 168]  Exploit.vcxproj.user
    │   ├── [ 300]  stdafx.cpp
    │   ├── [ 462]  stdafx.h
    │   └── [ 314]  targetver.h
    └── [1.5K]  SEP 14.2 WriteDelete Bug.sln

3 directories, 33 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.