CVE-2020-13995 PoC — U.S. Air Force Sensor Data Management System extract75 Buffer Error Vulnerability

Associated Vulnerability
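Title: U.S. Air Force Sensor Data Management System extract75 Buffer Error Vulnerability (CVE-2020-13995)
Description: U.S. Air Force Sensor Data Management System is a data management system of a game company, from the U.S. company U.S. Air Force. A buffer error vulnerability exists in extract75 of the U.S. Air Force Sensor Data Management System. The vulnerability arises because an overflow of the global variable (sBuffer) leads to a Write-What-Where condition. Writes beyond sBuffer corrupt most global variables until a pointer such as DES_info or image_info is reached. By controlling that pointer, it is possible to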
Readme
# Control Flow Hijack Exploit for CVE-2020-13995

Build it:

```
make
```

Run it:

```
make run
```

Mayhem it:

```
docker tag extract75-cve-2020-13955 <your name>/extract75-cve-2020-13955
docker push <your name>/extract75-cve-2020-13955
mayhem run --image <your name>/extract75-cve-2020-13955 \
    --project <your name>/extract75 .
```

(Default runtime is 600 seconds; override with the `--duration` flag)

Need more information? Contact sales@forallsecure.com
File Snapshot

```
[4.0K]  /data/pocs/8541fa11de7bfb73723bdcaf5e78d4d139c8ca0e
├── [2.7K]  Dockerfile
├── [4.0K]  exploit
│   ├── [4.0K]  crashers
│   │   └── [8.0K]  5315fb378c56843434354a742b47e0c42fb8f7f82cde45c2156acbe7a7bd3a66
│   ├── [4.0K]  labs
│   │   └── [4.0K]  rewrite_nitf_solution.py
│   └── [4.0K]  payloads
│       ├── [8.0K]  01_5315_numi_fix
│       ├── [8.0K]  02_5315_image_info
│       ├── [8.0K]  03_5315_where
│       ├── [8.0K]  04_5315_where_strncpy
│       ├── [8.0K]  05_5315_what_strncpy_CCCC
│       ├── [8.0K]  06_5315_what_errno_CCCC
│       ├── [8.0K]  07_5315_what_errno_sBuffer
│       └── [8.0K]  08_5315_what_errno_sBuffer_shell
├── [4.0K]  lab
│   ├── [8.0K]  5315fb378c56843434354a742b47e0c42fb8f7f82cde45c2156acbe7a7bd3a66
│   ├── [243K]  extract75
│   └── [4.0K]  rewrite_nitf.py
├── [1.1K]  LICENSE
├── [ 294]  Makefile
├── [ 175]  Mayhemfile
├── [4.0K]  originals
│   ├── [600K]  extract_redhat_linux.tar
│   └── [746K]  extract_unix_source.tar
├── [ 460]  README.md
├── [4.0K]  scripts
│   └── [ 260]  rewrite_errno.py
└── [4.0K]  testsuite
    └── [ 26M]  20091021203846-01001111-VIS.ntf.r0

8 directories, 22 files
```