cve-2020-0688-Exchange-远程代码执行分析及复现

Posted on 2020-10-12 In 漏洞利用复现 Word count in article: 1.9k Reading time ≈ 7 mins.

cve-2020-0688-Exchange-远程代码执行介绍

作用

主要用于后续提权操作

影响版本

Microsoft Exchange Server 2010 Service Pack 3
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019

漏洞原理

这个漏洞是由于Exchange服务器在安装时没有正确地创建唯一的加密密钥所造成的。

具体来说，与正常软件安装每次都会产生随机密钥不同，所有Exchange Server在安装后的web.config文件中都拥有相同的validationKey和decryptionKey。这些密钥用于保证ViewState的安全性。而ViewState是ASP.NET Web应用以序列化格式存储在客户机上的服务端数据。客户端通过__VIEWSTATE请求参数将这些数据返回给服务器。攻击者可以在ExchangeControl Panel web应用上执行任意.net代码。

外网kali安装及java配置

Posted on 2020-10-09 In kali配置 Word count in article: 220 Reading time ≈ 1 mins.

安装外网kail

1.选一台外网的vps部署debian操作系统

2.更换kali源

mousepad /etc/apt/sources.list

deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

常规木马免杀处理-查杀情况记录

Posted on 2020-10-09 Edited on 2020-10-16 In 免杀 Word count in article: 10k Reading time ≈ 37 mins.

常规木马免杀处理-查杀情况记录

cs木马免杀比例

exe64 41/72
exe32 40/72

+upx之后

1
2
3

cs64           30/72       能过火绒    无法过windows defender
自解压打包后    23/71       能过火绒    无法过windows defender   （success）
cs86           45/72       被火绒查杀  无法过windows defender

Hack-The-Box-walkthrough[doctor]

Posted on 2020-09-29 Edited on 2021-02-07 In HackTheBox walkthrough Word count in article: 1.1k Reading time ≈ 4 mins.

introduce

OS: Linux
Difficulty: Easy
Points: 20
Release: 26 Sep 2020
IP: 10.10.10.209

User Blood jkr 00 days, 00 hours, 36 mins, 05 seconds.
Root Blood xct 00 days, 00 hours, 36 mins, 12 seconds.

几道php反序列化解题记录

Posted on 2020-09-17 In ctf Word count in article: 674 Reading time ≈ 2 mins.

serialize01

源码：

<?php

class A{
    public $classname;
    function __toString(){
        echo file_get_contents($this->classname);
        return "";
    }
}

echo unserialize($_GET['a']);
highlight_file(__FILE__);

?>

Hack-The-Box-walkthrough[compromised]

Posted on 2020-09-16 Edited on 2021-01-31 In HackTheBox walkthrough Word count in article: 3.7k Reading time ≈ 13 mins.

introduce

OS: Linux
Difficulty: Hard
Points: 40
Release: 12 Sep 2020
IP: 10.10.10.207

User Blood xct 00 days, 03 hours, 35 mins, 20 seconds.
Root Blood xct 00 days, 03 hours, 34 mins, 56 seconds.

Hack-The-Box-walkthrough[passage]

Posted on 2020-09-07 Edited on 2021-03-09 In HackTheBox walkthrough Word count in article: 1.3k Reading time ≈ 5 mins.

introduce

OS: Linux
Difficulty: Medium
Points: 30
Release: 05 Sep 2020
IP: 10.10.10.206

User Blood qtc 00 days, 00 hours, 19 mins, 35 seconds.
Root Blood Lemming 00 days, 00 hours, 32 mins, 04 seconds.

Hack-The-Box-walkthrough[feline]

Posted on 2020-09-03 Edited on 2021-02-24 In HackTheBox walkthrough Word count in article: 2.1k Reading time ≈ 8 mins.

introduce

OS: Linux
Difficulty: Hard
Points: 40
Release: 29 Aug 2020
IP: 10.10.10.205

User Blood szymex73 00 days, 00 hours, 44 mins, 52 seconds.
Root Blood InfoSecJack 00 days, 02 hours, 08 mins, 18 seconds.

Hack-The-Box-walkthrough[omni]

Posted on 2020-08-28 Edited on 2021-01-10 In HackTheBox walkthrough Word count in article: 1.1k Reading time ≈ 4 mins.

introduce

OS: Other
Difficulty: Easy
Points: 20
Release: 22 Aug 2020
IP: 10.10.10.204

User Blood snowscan 00 days, 01 hours, 21 mins, 02 seconds.
Root Blood snowscan 00 days, 02 hours, 01 mins, 30 seconds.

Hack-The-Box-walkthrough[laser]

Posted on 2020-08-19 Edited on 2021-01-31 In HackTheBox walkthrough Word count in article: 1.9k Reading time ≈ 7 mins.

introduce

OS: Linux
Difficulty: Insane
Points: 50
Release: 08 Aug 2020
IP: 10.10.10.201

User Blood InfoSecJack 00 days, 00 hours, 04 mins, 04 seconds.
Root Blood bjornmorten 00 days, 23 hours, 18 mins, 35 seconds.