POC code for CVE-2020-3153 - Cisco anyconnect path traversal vulnerability
Read more about the vulnerability here: https://ssd-disclosure.com/ssd-advisory-cisco-anyconnect-privilege-elevation-through-path-traversal/
Steps to follow to get Windows shell on desktop with SYSTEM privilege:
- In file
class1.cs, Change the Username string to your user account directory inCAC-nc-installcommandline parameter. - Create directory path "
Program Files (x86)/Cisco/Cisco AnyConnect Secure Mobility Client/Plugins/" inside your userhome. - Copy actoast.dll on the above path.
Follow my work at: https://nixhacker.com