Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-13777 PoC — GnuTLS 加密问题漏洞

Source
https://github.com/shigeki/challenge_CVE-2020-13777
Associated Vulnerability
Title:GnuTLS 加密问题漏洞 (CVE-2020-13777)
Description:GnuTLS是一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。 GnuTLS 3.6.14版本中存在加密问题漏洞。攻击者可通过实施中间人攻击利用该漏洞绕过TLS 1.3版本的身份验证并恢复TLS 1.2版本的先前会话。
Description
Challange CVE-2020-13777
Readme
# Chanllenge CVE-2020-13777

Try to prove if TLS 1.3 MITM is possible and decrypt 0-RTT early data in pcap here (Server: 192.168.100.23:5556).

See https://jovi0608.hatenablog.com/entry/2020/06/13/104905 and [CVE-2020-13777](https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03) for details.
File Snapshot

 [4.0K]  /data/pocs/e8528e83e1f7b2357ca5c5ff3e435dece0f8cbc8
├── [ 12K]  gnutls_vul_challange.pcap
└── [ 298]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.