POC详情: dfd45fb912f0c595c1e2895a04ef9e8ede76f60f

来源
https://github.com/vino-theva/CVE-2019-6447
关联漏洞
标题: ES File Explorer File Manager application for Android 访问控制错误漏洞 (CVE-2019-6447)
描述:ES File Explorer File Manager application for Android(ES文件浏览器或文件管理器)是一款基于Android系统的多功能手机文件、程序和进程管理器,它支持在手机、电脑、远程和蓝牙间浏览管理文件。 基于Android平台的ES File Explorer File Manager application 4.1.9.7.4及之前版本中存在安全漏洞,该漏洞源于ES应用程序在运行一次之后,TCP 59777端口并未关闭依旧可以通过HTTP协议接收JSON数据。
描述
This paper is about manual exploitation of android open port vulnerability found in ES file manager. This open TCP 59777 port allows the attacker to install a backdoor  and gather all the user’s data. Further in this paper there will be a proof of concept presented  to consolidate the vulnerability. Download the PDF and enjoy !!! Cheers !!!
介绍
# CVE-2019-6447
This paper is about manual exploitation of android open port vulnerability found in ES file manager. This open TCP port allows the attacker to install a backdoor  and gather all the user’s data. Further in this paper there will be a proof of concept presented  to consolidate the vulnerability with this paper for an extra knowledege an overview about of backdoor attack is presented. Download the PDFs and enjoy !!! Cheers !!!
文件快照

 [4.0K]  /data/pocs/dfd45fb912f0c595c1e2895a04ef9e8ede76f60f
├── [986K]  CVE 2019-6447 - ES File Manager Vulnerability- Backdoor.pdf
├── [284K]  Insight of Backdoor Attacks - Case Study.pdf
└── [ 446]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。