CVE-2020-0688 PoC — Microsoft Exchange Server 授权问题漏洞

Source

https://github.com/righter83/CVE-2020-0688

Associated Vulnerability

Title:Microsoft Exchange Server 授权问题漏洞 (CVE-2020-0688)
Description:Microsoft Exchange Server是美国微软（Microsoft）公司的一套电子邮件服务程序。它提供邮件存取、储存、转发，语音邮件，邮件过滤筛选等功能。 Microsoft Exchange Server 中存在授权问题漏洞，该漏洞源于程序无法正确处理内存中的对象。攻击者可借助特制的电子邮件利用该漏洞在系统用户的上下文中运行任意代码。以下产品及版本受到影响：Microsoft Exchange Server 2010，Microsoft Exchange Server 2013，Micro

Description

Exchange Scanner CVE-2020-0688

Readme

# CVE-2020-0688 Scanner
This is a little dirty Script to Check for vulnerables Exchange Servers by CVE-2020-0688
It's written ugly and in PHP. 
Caution: It only checks if you have the actual CU update installed. That doesn't mean that you have installed the bugfix patch!

### Requirements
You need php-cli and php-curl       

### Usage
First clone the repo:
```
git clone https://github.com/righter83/CVE-2020-0688
```

Scan a single server (without https://)
```
php scanner.php mail.cust.ch
```

Scan a whole IP Range
```
php scanner.php 1.1.1.0/24
```

File Snapshot


 [4.0K]  /data/pocs/af99798b279caa4e9a5c38e779ac2cf07ca68109
├── [ 557]  README.md
└── [5.3K]  scanner.php

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!