CVE-2020-0688

This Metasploit module exploits CVE-2020-0688, a .NET deserialization vulnerability in Microsoft Exchange Server's ECP web page, allowing remote command execution as NT_AUTHORITY\SYSTEM due to fixed cryptographic keys.

This exploit leverages CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server, to achieve authenticated remote code execution. It crafts a malicious payload using a known static key and sends it to the target server via a legitimate session.

This is a functional exploit for CVE-2020-0688, targeting Microsoft Exchange's deserialization vulnerability in the MachineKeySection. It includes authentication, session handling, and payload execution capabilities.

This repository contains a functional exploit for CVE-2020-0688, a remote code execution vulnerability in Microsoft Exchange Server. The exploit includes detection and exploitation scripts, leveraging deserialization to achieve RCE.

This repository contains a stub exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange. The exploit.py script is incomplete and untested, while the README provides manual steps to exploit the vulnerability using ysoserial.net.

This is a functional exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. It leverages ysoserial to generate a malicious ViewState payload and triggers it via authenticated ECP access.

This PoC exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server, by leveraging ysoserial to generate a malicious ViewState payload for remote code execution. It requires authentication and interacts with the Exchange Control Panel (ECP) to trigger the exploit.

This is a C# scanner tool designed to check for CVE-2020-0688 vulnerability in Microsoft Exchange Server by passively scraping version information from HTML content. It processes a list of hosts and categorizes them based on their vulnerability status.

This is a Python-based exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. It uploads an ASPX webshell to achieve remote code execution by leveraging a crafted payload that bypasses VIEWSTATE validation.

This PowerShell script exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server, by leveraging fixed cryptographic keys to achieve remote code execution. It authenticates to the Exchange Control Panel (ECP), generates a malicious ViewState payload using ysoserial, and sends it to execute arbitrary commands.

This is a GUI-based exploit for CVE-2020-0688, a remote code execution vulnerability in Microsoft Exchange Server. The exploit leverages deserialization flaws in the Exchange Control Panel (ECP) to execute arbitrary commands or shellcode.

This repository contains a Go-based proof-of-concept exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. It includes scanning, payload generation, and exploitation functionalities.

This is a PowerShell script that exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange. It generates a malicious __VIEWSTATE payload to achieve remote code execution by leveraging the TextFormattingRunPropertiesMarshal class.

This PoC exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server, by leveraging ysoserial to generate a malicious ViewState payload. It authenticates to the target, retrieves session keys, and executes arbitrary commands via deserialization.

This repository contains a scanner to identify Microsoft Exchange servers vulnerable to CVE-2020-0688, a static key vulnerability leading to SYSTEM-level RCE. It checks for open ports and Exchange versions but does not include an exploit payload.

This PowerShell script exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server due to static cryptographic keys. It authenticates with valid credentials, generates a malicious ViewState payload using ysoserial.net, and executes arbitrary commands under SYSTEM privileges via the Exchange Control Panel.

This PoC demonstrates CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server due to fixed cryptographic keys. It leverages YSoSerial.net to generate a malicious ViewState payload for remote code execution (RCE) with SYSTEM privileges.

This is a Python-based exploit for CVE-2020-0688, a remote command injection vulnerability. It establishes a reverse shell by sending a crafted payload to the target system.

This is a Python3 port of a CVE-2020-0688 exploit targeting Microsoft Exchange Server. It leverages a deserialization vulnerability with a hardcoded key to achieve authenticated remote code execution.

This is a proof-of-concept exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server 2010. The code authenticates to the target, crafts a malicious ViewState payload, and checks for vulnerability by sending a crafted request to the Exchange server.

This is a PHP-based scanner for CVE-2020-0688 that checks if Microsoft Exchange servers are running vulnerable versions by analyzing the OWA (Outlook Web Access) page. It does not exploit the vulnerability but identifies potentially vulnerable systems.

This repository contains a scanner for CVE-2020-0688, which checks for vulnerable Microsoft Exchange servers by enumerating versions via the Outlook Web Access page. It uses masscan to identify open ports and then checks the version to determine vulnerability status.

This is a PowerShell script that exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange. It generates a malicious __VIEWSTATE payload to achieve remote code execution by leveraging the Microsoft.PowerShell.Editor.dll assembly.

This PoC exploits CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server, by generating a malicious ViewState payload using ysoserial.exe and sending it to the target server. The payload executes an arbitrary command (e.g., writing a file) via the ECP interface.

This repository provides a detailed technical analysis of the Virgin Mobile KSA breach, focusing on the exploitation of CVE-2020-0688 in unpatched Microsoft Exchange servers. It includes attack methodology, strategic failures, and proposed defense mechanisms.

This is a functional exploit for CVE-2020-0688, leveraging deserialization via ysoserial.net to achieve remote code execution on vulnerable Microsoft Exchange servers. It includes options for vulnerability checking, file upload, and reverse shell execution.

This repository contains a functional proof-of-concept exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. The exploit leverages a crafted ViewState to achieve remote code execution (RCE) by deserializing malicious objects.

This Metasploit module exploits a .NET deserialization vulnerability in Microsoft Exchange Server's ECP web page (CVE-2020-0688) by crafting a malicious ViewState to achieve remote code execution as NT_AUTHORITY\SYSTEM.

This repository contains functional exploit code for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange. It includes both detection and exploitation tools, with the exploit capable of executing commands and shellcode on vulnerable systems.

This repository contains a functional exploit for CVE-2020-0688, a remote code execution vulnerability in Microsoft Exchange Server. The exploit leverages deserialization in the Exchange Control Panel (ECP) to execute arbitrary commands on the target system.

This repository contains a functional exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. The exploit leverages ysoserial to generate a malicious payload and executes arbitrary commands via crafted ViewState parameters.

This repository contains a functional exploit for CVE-2020-0688, a deserialization vulnerability in Microsoft Exchange Server. The exploit leverages ysoserial to generate a malicious ViewState payload, which is then sent to the target server to achieve remote code execution.