Kerberos 校验和漏洞
https://nvd.nist.gov/vuln/detail/CVE-2014-6324
EXP/POC:
https://github.com/abatchy17/WindowsExploits/tree/master/MS14-068
Netlogon特权提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-1472
EXP/POC:
https://github.com/blackarrowsec/redteam-research/tree/master/CVE-2020-1472
Windows域服务权限提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-42287
https://nvd.nist.gov/vuln/detail/CVE-2021-42278
EXP/POC:
https://github.com/WazeHell/sam-the-admin
https://github.com/cube0x0/noPac
Microsoft Windows NTLM认证漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-1040
https://paper.seebug.org/962/
EXP/POC:
https://github.com/Ridter/CVE-2019-1040
Microsoft Exchange任意用户伪造漏洞
https://nvd.nist.gov/vuln/detail/CVE-2018-8581
EXP/POC:
https://github.com/Ridter/Exchange2domain
Microsoft Exchange 反序列化RCE
https://nvd.nist.gov/vuln/detail/CVE-2020-0688
EXP/POC:
https://github.com/zcgonvh/CVE-2020-0688
Windows Print Spooler权限提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-1675
EXP/POC:
https://github.com/cube0x0/CVE-2021-1675
Exchange ProxyLogon远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-26855
https://nvd.nist.gov/vuln/detail/CVE-2021-27065
EXP/POC:
https://github.com/hausec/ProxyLogon
Microsoft Exchange 远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-17144
EXP/POC:
https://github.com/Airboi/CVE-2020-17144-EXP
Microsoft Exchange 远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-16875
EXP/POC:
https://srcincite.io/pocs/cve-2020-16875.py.txt
Exchange ProxyShell SSRF
https://nvd.nist.gov/vuln/detail/CVE-2021-34473
EXP/POC:
https://github.com/dmaasland/proxyshell-poc
Exchange ProxyToken 信息泄露漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-33766
EXP/POC:
https://github.com/bhdresh/CVE-2021-33766-ProxyToken
原文作者:Leticia 原文链接:http://uuzdaisuki.com/2022/01/20/%E5%9F%9F%E6%B8%97%E9%80%8F%E5%8E%86%E5%8F%B2%E6%BC%8F%E6%B4%9E%E6%B1%87%E6%80%BB/#CVE-2020-16875
排版自:Top security
侵权请私聊公众号删文
热文推荐