
CVE-2025-30406 PoC — Gladinet CentreStack Security Vulnerability

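Source
Related vulnerability
Title: Gladinet CentreStack Security Vulnerability (CVE-2025-30406)
Description: Gladinet CentreStack is a leading mobile access and secure sharing solution from the US company Gladinet. It provides self-hosted cloud storage. Gladinet CentreStack contains a security vulnerability that stems from a hard-coded machineKey, which leads to a deserialization flaw and may allow remote code execution.
Description
Explore the CVE-2025-30406 ViewState exploit PoC for ASP.NET applications. Test security with this script and learn about deserialization vulnerabilities. 🐙
Introduction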
# CVE-2025-30406: ViewState Exploit PoC Repository

![CVE-2025-30406](https://img.shields.io/badge/CVE-2025--30406-ff0000?style=flat-square&logo=security&logoColor=white)

## Overview

This repository contains a proof of concept (PoC) for the CVE-2025-30406 vulnerability, specifically targeting the ViewState in ASP.NET applications. This vulnerability can lead to unauthorized access and potential data breaches if exploited. 

## Table of Contents

- [Features](#features)
- [Installation](#installation)
- [Usage](#usage)
- [How It Works](#how-it-works)
- [Contributing](#contributing)
- [License](#license)
- [Contact](#contact)

## Features

- Demonstrates the ViewState exploit in a controlled environment.
- Simple setup for testing and understanding the vulnerability.
- Detailed documentation on how to replicate the exploit.
- Includes sample payloads for demonstration purposes.

## Installation

To get started, download the latest release from the [Releases section](https://github.com/Gersonaze/CVE-2025-30406/releases). Once downloaded, extract the files to your local machine. Follow the instructions in the documentation to set up the environment.

## Usage

After setting up, execute the provided scripts to test the ViewState exploit. Ensure you have the necessary permissions and a controlled environment to avoid any unintended consequences. 

### Step-by-Step Guide

1. **Download the Release**: Visit the [Releases section](https://github.com/Gersonaze/CVE-2025-30406/releases) to download the required files.
2. **Extract the Files**: Unzip the downloaded file to a designated directory.
3. **Run the Exploit**: Follow the instructions in the README to execute the exploit.

## How It Works

The ViewState is a mechanism used by ASP.NET to preserve page and control values between postbacks. This vulnerability arises when the ViewState is not properly secured. Attackers can manipulate the ViewState data, leading to potential code execution or data exposure.
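
The vulnerability description at the top of this page attributes the flaw to a hard-coded machineKey, the secret ASP.NET uses to sign and encrypt ViewState. The defender-side audit below is an added example, not code from this repository: it parses a `web.config` and reports literal key material. The function name `audit_machine_keys` and both sample configurations are constructed for illustration.

```python
import xml.etree.ElementTree as ET

KEY_ATTRS = ("validationKey", "decryptionKey")

def _local(tag):
    # Drop an XML namespace prefix such as "{ns}machineKey".
    return tag.rsplit("}", 1)[-1]

def audit_machine_keys(config_xml):
    """Return one finding per risky ViewState setting in a web.config string."""
    findings = []
    for el in ET.fromstring(config_xml).iter():
        name = _local(el.tag)
        if name == "machineKey":
            for attr in KEY_ATTRS:
                value = (el.get(attr) or "").strip()
                # Missing or "AutoGenerate[,IsolateApps]" means the runtime
                # creates the key; anything else is a literal stored in the file.
                if value and value.split(",")[0].strip().lower() != "autogenerate":
                    # Report the length only, never the key itself.
                    findings.append((attr, "hard-coded", len(value)))
        elif name == "pages" and (el.get("enableViewStateMac") or "").lower() == "false":
            findings.append(("enableViewStateMac", "disabled", 0))
    return findings

# Constructed sample: literal keys (placeholder hex, not taken from any product).
WEAK_CONFIG = """<configuration><system.web>
  <machineKey validationKey="0123456789ABCDEF0123456789ABCDEF01234567"
              decryptionKey="FEDCBA9876543210FEDCBA9876543210"
              validation="SHA1" decryption="AES" />
</system.web></configuration>"""

# Constructed sample: keys generated by the runtime per machine and application.
GENERATED_CONFIG = """<configuration><system.web>
  <machineKey validationKey="AutoGenerate,IsolateApps"
              decryptionKey="AutoGenerate,IsolateApps" />
  <pages enableViewStateMac="true" />
</system.web></configuration>"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("generated", GENERATED_CONFIG)):
        print(label, audit_machine_keys(cfg))
```

A `hard-coded` finding on a key that ships identically with every installation means the key should be replaced with a value unique to the deployment, since the signature on ViewState only protects the server while the key stays secret.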

### Exploit Mechanism

1. **ViewState Analysis**: The PoC first analyzes the ViewState to identify weaknesses.
2. **Payload Creation**: It generates a payload that exploits the identified weaknesses.
3. **Execution**: The payload is then executed against a vulnerable ASP.NET application.

## Screenshots

![Exploit Execution](https://example.com/exploit-execution.png)

## Contributing

Contributions are welcome! If you have suggestions for improvements or additional features, feel free to open an issue or submit a pull request. Please adhere to the following guidelines:

- Fork the repository.
- Create a new branch for your feature or bug fix.
- Ensure your code adheres to the existing style.
- Write clear commit messages.
- Submit a pull request.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.

## Contact

For questions or inquiries, please contact the repository maintainer at [email@example.com](mailto:email@example.com).

---

For further information, remember to check the [Releases section](https://github.com/Gersonaze/CVE-2025-30406/releases) for updates and additional resources.
File snapshot

[4.0K] /data/pocs/cde340ddbd8f1a5ba403c6e73f9ddd4c734bc79e
├── [4.2K] exploit.py
├── [3.1K] README.md
└── [1.4K] server.py

0 directories, 3 files