Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-17144 PoC — Microsoft Exchange Server 代码问题漏洞

Source
https://github.com/Airboi/CVE-2020-17144-EXP
Associated Vulnerability
Title:Microsoft Exchange Server 代码问题漏洞 (CVE-2020-17144)
Description:Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。 Microsoft Exchange Server 存在代码问题漏洞,远程攻击者利用该漏洞可执行代码。以下产品及版本受到影响:Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31。
Description
Exchange2010 authorized RCE
Readme
# CVE-2020-17144-EXP

```
条件: Exchange2010; 普通用户
默认用法(写webshell): CVE-2020-17144-EXP.exe mail.example.com user pass


执行命令 & 端口复用: 修改ExploitClass.cs

参考 @zcgonvh https://mp.weixin.qq.com/s?__biz=MzI2NDk0MTM5MQ==&mid=2247483712&idx=1&sn=0b2cc3c9692f5c58a4eeb246d4b392fc&chksm=eaa5bb60ddd23276baf4cfd3fc59ca847c28f350c65ef98a17d49bc9944d653fad95dec4fd14&mpshare=1&scene=1&srcid=1209jtbQLVJIgr3VT0Ut1TM9&sharer_sharetime=1607483575995&sharer_shareid=dc9cecc79ba34e4bbb700a43a16153fd#rd
```
File Snapshot

 [4.0K]  /data/pocs/79cc00620f9c8eea1be1bee08e9ad3240a51ae84
├── [4.0K]  CVE-2020-17144
│   ├── [3.7K]  CVE-2020-17144.csproj
│   ├── [ 482]  CVE-2020-17144.csproj.user
│   ├── [ 661]  ExploitClass.cs
│   ├── [4.0K]  obj
│   │   ├── [4.0K]  Debug
│   │   │   └── [   0]  CVE-2020-17144.csproj.FileListAbsolute.txt
│   │   └── [4.0K]  Release
│   │       ├── [ 29K]  ActivitySurrogateSelector .NET 3.5 Exploit Generator.csprojAssemblyReference.cache
│   │       ├── [   0]  CVE-2020-17144.csproj.FileListAbsolute.txt
│   │       ├── [ 661]  DesignTimeResolveAssemblyReferences.cache
│   │       └── [7.2K]  DesignTimeResolveAssemblyReferencesInput.cache
│   ├── [ 161]  packages.config
│   ├── [2.1K]  Program.cs
│   ├── [4.0K]  Properties
│   │   └── [1.5K]  AssemblyInfo.cs
│   └── [4.0K]  ysoserial.net
│       ├── [6.2K]  ActivitySurrogateSelectorGenerator.cs
│       ├── [ 396]  Generator.cs
│       └── [3.9K]  GenericGenerator.cs
├── [1.1K]  CVE-2020-17144.sln
├── [4.0K]  packages
│   └── [4.0K]  Exchange.WebServices.Managed.Api.2.2.1.2
│       ├── [600K]  Exchange.WebServices.Managed.Api.2.2.1.2.nupkg
│       └── [4.0K]  lib
│           └── [4.0K]  net35
│               ├── [1.1M]  Microsoft.Exchange.WebServices.dll
│               └── [2.6M]  Microsoft.Exchange.WebServices.xml
└── [ 534]  README.md

10 directories, 19 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.