7heKnight/CVE-2020-0688

CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability

CVE-2020-0688

CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability

---

Installation Instruction:

• Download using git (Requires git): git clone https://github.com/7heKnight/CVE-2020-0688
• Download Zip File: https://github.com/7heKnight/CVE-2020-0688/archive/refs/heads/main.zip
• pip install urllib3 requests

Usage: python poc.py -s <Server/ip> (Required) -u username (Required) -p password (Required) --proxy (Not Require)

Options:
  -h, --help       show this help message and exit
  -s SERVER        Exchange mail Server URL Example: http://ip/owa
  -u USER          Login account Example: domain\user
  -p PASSWORD      Password
  -c COMMAND       Using Command and get output from web's respond
  --upload=UPLOAD  Upload file and print respond the file location uploaded
  --proxy=PROXY    Proxy to use. Example: https://127.0.0.1:8080 (Support Only
                   HTTP and HTTPS)