CVE-2020-0618

This exploit targets CVE-2020-0618, a deserialization vulnerability in Microsoft SQL Server Reporting Services (SSRS) 2016, 2014, and 2012. It leverages a crafted payload to achieve remote code execution (RCE) via a malicious ViewState parameter.

This PoC demonstrates a deserialization vulnerability in SQL Server Reporting Services (CVE-2020-0618) that allows remote code execution via a crafted ViewState payload. The exploit uses ysoserial.net to generate a malicious payload for execution.

This repository contains a honeypot designed to detect and log exploitation attempts targeting CVE-2020-0618, a remote code execution vulnerability in SQL Server Reporting Services (SSRS). The honeypot mimics SSRS behavior to attract and log malicious traffic.

This PoC exploits CVE-2020-0618, a deserialization vulnerability in SQL Server Reporting Services (SSRS). It uses ysoserial.net to generate a malicious payload that executes a PowerShell command via a TypeConfuseDelegate gadget, leading to remote code execution (RCE).

This repository contains a Python-based detection script for CVE-2020-0618, a remote code execution vulnerability in Microsoft SQL Server Reporting Services (SSRS). The script sends a SOAP request to the target SSRS endpoint and checks the response for signs of vulnerability.

This Metasploit module exploits a deserialization vulnerability in Microsoft SQL Server Reporting Services (SSRS) to achieve remote code execution. It crafts a malicious ViewState object and sends it via an HTTP POST request to execute arbitrary commands.