PoC-in-GitHub/2020/CVE-2020-6287.json

[
    {
        "id": 279903611,
        "name": "SAP_RECON",
        "full_name": "chipik\/SAP_RECON",
        "owner": {
            "login": "chipik",
            "id": 6584277,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6584277?v=4",
            "html_url": "https:\/\/github.com\/chipik",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/chipik\/SAP_RECON",
        "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)",
        "fork": false,
        "created_at": "2020-07-15T15:20:09Z",
        "updated_at": "2024-08-20T11:51:10Z",
        "pushed_at": "2020-09-29T17:20:12Z",
        "stargazers_count": 215,
        "watchers_count": 215,
        "has_discussions": false,
        "forks_count": 64,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 64,
        "watchers": 215,
        "score": 0,
        "subscribers_count": 14
    },
    {
        "id": 281199347,
        "name": "CVE-2020-6287-exploit",
        "full_name": "duc-nt\/CVE-2020-6287-exploit",
        "owner": {
            "login": "duc-nt",
            "id": 61867814,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4",
            "html_url": "https:\/\/github.com\/duc-nt",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/duc-nt\/CVE-2020-6287-exploit",
        "description": "PoC for CVE-2020-6287  The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G.  Usage: python sap-CVE-2020-6287-add-user.py <HTTP(s):\/\/IP:Port",
        "fork": false,
        "created_at": "2020-07-20T18:45:53Z",
        "updated_at": "2024-08-12T20:03:56Z",
        "pushed_at": "2020-07-21T18:50:07Z",
        "stargazers_count": 95,
        "watchers_count": 95,
        "has_discussions": false,
        "forks_count": 28,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 28,
        "watchers": 95,
        "score": 0,
        "subscribers_count": 4
    },
    {
        "id": 281263657,
        "name": "CVE-2020-6287_RECON-scanner",
        "full_name": "Onapsis\/CVE-2020-6287_RECON-scanner",
        "owner": {
            "login": "Onapsis",
            "id": 8865342,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8865342?v=4",
            "html_url": "https:\/\/github.com\/Onapsis",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/Onapsis\/CVE-2020-6287_RECON-scanner",
        "description": null,
        "fork": false,
        "created_at": "2020-07-21T01:22:45Z",
        "updated_at": "2024-09-11T08:00:52Z",
        "pushed_at": "2022-02-17T19:52:32Z",
        "stargazers_count": 28,
        "watchers_count": 28,
        "has_discussions": false,
        "forks_count": 5,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 5,
        "watchers": 28,
        "score": 0,
        "subscribers_count": 5
    },
    {
        "id": 281749237,
        "name": "CVE-2020-6287-Sap-Add-User",
        "full_name": "ynsmroztas\/CVE-2020-6287-Sap-Add-User",
        "owner": {
            "login": "ynsmroztas",
            "id": 58443521,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58443521?v=4",
            "html_url": "https:\/\/github.com\/ynsmroztas",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/ynsmroztas\/CVE-2020-6287-Sap-Add-User",
        "description": "sap netweaver portal add user administrator",
        "fork": false,
        "created_at": "2020-07-22T18:06:02Z",
        "updated_at": "2020-07-22T18:06:06Z",
        "pushed_at": "2020-07-22T18:06:03Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 0,
        "score": 0,
        "subscribers_count": 1
    },
    {
        "id": 287233517,
        "name": "CVE-2020-6287",
        "full_name": "murataydemir\/CVE-2020-6287",
        "owner": {
            "login": "murataydemir",
            "id": 16391655,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4",
            "html_url": "https:\/\/github.com\/murataydemir",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-6287",
        "description": "[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User)",
        "fork": false,
        "created_at": "2020-08-13T09:12:37Z",
        "updated_at": "2024-08-12T20:04:40Z",
        "pushed_at": "2020-09-18T15:18:21Z",
        "stargazers_count": 11,
        "watchers_count": 11,
        "has_discussions": false,
        "forks_count": 3,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 3,
        "watchers": 11,
        "score": 0,
        "subscribers_count": 1
    },
    {
        "id": 624776221,
        "name": "SAP_CVE-2020-6287_find_mandate",
        "full_name": "qmakake\/SAP_CVE-2020-6287_find_mandate",
        "owner": {
            "login": "qmakake",
            "id": 80854804,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80854804?v=4",
            "html_url": "https:\/\/github.com\/qmakake",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/qmakake\/SAP_CVE-2020-6287_find_mandate",
        "description": "Checker help to verify created account or find it's mandat",
        "fork": false,
        "created_at": "2023-04-07T08:24:12Z",
        "updated_at": "2023-04-07T08:28:52Z",
        "pushed_at": "2023-04-07T11:08:50Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 0,
        "score": 0,
        "subscribers_count": 1
    },
    {
        "id": 868990274,
        "name": "CVE-2020-6287_SAP-NetWeaver-bypass-auth",
        "full_name": "dylvie\/CVE-2020-6287_SAP-NetWeaver-bypass-auth",
        "owner": {
            "login": "dylvie",
            "id": 78607002,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78607002?v=4",
            "html_url": "https:\/\/github.com\/dylvie",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/dylvie\/CVE-2020-6287_SAP-NetWeaver-bypass-auth",
        "description": "Automated Exploit for CVE-2020-6287",
        "fork": false,
        "created_at": "2024-10-07T14:29:34Z",
        "updated_at": "2024-10-20T14:11:53Z",
        "pushed_at": "2024-10-07T14:45:00Z",
        "stargazers_count": 1,
        "watchers_count": 1,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 1,
        "score": 0,
        "subscribers_count": 1
    }
]
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`[`
			`{`
			`"id": 279903611,`
			`"name": "SAP_RECON",`
			`"full_name": "chipik\/SAP_RECON",`
			`"owner": {`
			`"login": "chipik",`
			`"id": 6584277,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6584277?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/chipik",`
			`"user_view_type": "public"`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`"html_url": "https:\/\/github.com\/chipik\/SAP_RECON",`
			`"description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)",`
			`"fork": false,`
			`"created_at": "2020-07-15T15:20:09Z",`
Auto Update 2024/08/20 12:30:03 2024-08-20 21:30:03 +09:00			`"updated_at": "2024-08-20T11:51:10Z",`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"pushed_at": "2020-09-29T17:20:12Z",`
Auto Update 2024/08/20 12:30:03 2024-08-20 21:30:03 +09:00			`"stargazers_count": 215,`
			`"watchers_count": 215,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"has_discussions": false,`
Auto Update 2024/08/07 06:29:10 2024-08-07 15:29:10 +09:00			`"forks_count": 64,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
Auto Update 2024/08/07 06:29:10 2024-08-07 15:29:10 +09:00			`"forks": 64,`
Auto Update 2024/08/20 12:30:03 2024-08-20 21:30:03 +09:00			`"watchers": 215,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
			`"subscribers_count": 14`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`{`
			`"id": 281199347,`
			`"name": "CVE-2020-6287-exploit",`
			`"full_name": "duc-nt\/CVE-2020-6287-exploit",`
			`"owner": {`
			`"login": "duc-nt",`
			`"id": 61867814,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/duc-nt",`
			`"user_view_type": "public"`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`"html_url": "https:\/\/github.com\/duc-nt\/CVE-2020-6287-exploit",`
			"description": "PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py <HTTP(s):\/\/IP:Port",
			`"fork": false,`
			`"created_at": "2020-07-20T18:45:53Z",`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"updated_at": "2024-08-12T20:03:56Z",`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"pushed_at": "2020-07-21T18:50:07Z",`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"stargazers_count": 95,`
			`"watchers_count": 95,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"has_discussions": false,`
Auto Update 2023/07/09 18:27:14 2023-07-10 03:27:15 +09:00			`"forks_count": 28,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
Auto Update 2023/07/09 18:27:14 2023-07-10 03:27:15 +09:00			`"forks": 28,`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"watchers": 95,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
Auto Update 2023/06/28 00:23:47 2023-06-28 09:23:47 +09:00			`"subscribers_count": 4`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`{`
			`"id": 281263657,`
			`"name": "CVE-2020-6287_RECON-scanner",`
			`"full_name": "Onapsis\/CVE-2020-6287_RECON-scanner",`
			`"owner": {`
			`"login": "Onapsis",`
			`"id": 8865342,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8865342?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/Onapsis",`
			`"user_view_type": "public"`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`"html_url": "https:\/\/github.com\/Onapsis\/CVE-2020-6287_RECON-scanner",`
			`"description": null,`
			`"fork": false,`
			`"created_at": "2020-07-21T01:22:45Z",`
Auto Update 2024/09/11 12:30:33 2024-09-11 21:30:33 +09:00			`"updated_at": "2024-09-11T08:00:52Z",`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"pushed_at": "2022-02-17T19:52:32Z",`
Auto Update 2024/09/11 12:30:33 2024-09-11 21:30:33 +09:00			`"stargazers_count": 28,`
			`"watchers_count": 28,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"has_discussions": false,`
Auto Update 2023/01/28 18:29:30 2023-01-29 03:29:30 +09:00			`"forks_count": 5,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
Auto Update 2023/01/28 18:29:30 2023-01-29 03:29:30 +09:00			`"forks": 5,`
Auto Update 2024/09/11 12:30:33 2024-09-11 21:30:33 +09:00			`"watchers": 28,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
			`"subscribers_count": 5`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`{`
			`"id": 281749237,`
			`"name": "CVE-2020-6287-Sap-Add-User",`
			`"full_name": "ynsmroztas\/CVE-2020-6287-Sap-Add-User",`
			`"owner": {`
			`"login": "ynsmroztas",`
			`"id": 58443521,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58443521?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/ynsmroztas",`
			`"user_view_type": "public"`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`"html_url": "https:\/\/github.com\/ynsmroztas\/CVE-2020-6287-Sap-Add-User",`
			`"description": "sap netweaver portal add user administrator",`
			`"fork": false,`
			`"created_at": "2020-07-22T18:06:02Z",`
			`"updated_at": "2020-07-22T18:06:06Z",`
			`"pushed_at": "2020-07-22T18:06:03Z",`
			`"stargazers_count": 0,`
			`"watchers_count": 0,`
			`"has_discussions": false,`
			`"forks_count": 0,`
			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
			`"forks": 0,`
			`"watchers": 0,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
			`"subscribers_count": 1`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`{`
			`"id": 287233517,`
			`"name": "CVE-2020-6287",`
			`"full_name": "murataydemir\/CVE-2020-6287",`
			`"owner": {`
			`"login": "murataydemir",`
			`"id": 16391655,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/murataydemir",`
			`"user_view_type": "public"`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`},`
			`"html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-6287",`
			`"description": "[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizard) Authentication Bypass (Create Simple & Administrator Java User)",`
			`"fork": false,`
			`"created_at": "2020-08-13T09:12:37Z",`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"updated_at": "2024-08-12T20:04:40Z",`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"pushed_at": "2020-09-18T15:18:21Z",`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"stargazers_count": 11,`
			`"watchers_count": 11,`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`"has_discussions": false,`
			`"forks_count": 3,`
			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
			`"forks": 3,`
Auto Update 2024/08/13 00:29:46 2024-08-13 09:29:46 +09:00			`"watchers": 11,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
			`"subscribers_count": 1`
Auto Update 2023/04/07 12:34:48 2023-04-07 21:34:48 +09:00			`},`
			`{`
			`"id": 624776221,`
			`"name": "SAP_CVE-2020-6287_find_mandate",`
			`"full_name": "qmakake\/SAP_CVE-2020-6287_find_mandate",`
			`"owner": {`
			`"login": "qmakake",`
			`"id": 80854804,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80854804?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/qmakake",`
			`"user_view_type": "public"`
Auto Update 2023/04/07 12:34:48 2023-04-07 21:34:48 +09:00			`},`
			`"html_url": "https:\/\/github.com\/qmakake\/SAP_CVE-2020-6287_find_mandate",`
			`"description": "Checker help to verify created account or find it's mandat",`
			`"fork": false,`
			`"created_at": "2023-04-07T08:24:12Z",`
			`"updated_at": "2023-04-07T08:28:52Z",`
			`"pushed_at": "2023-04-07T11:08:50Z",`
			`"stargazers_count": 0,`
			`"watchers_count": 0,`
			`"has_discussions": false,`
			`"forks_count": 0,`
			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
			`"forks": 0,`
			`"watchers": 0,`
Auto Update 2023/06/19 13:46:37 2023-06-19 22:46:37 +09:00			`"score": 0,`
			`"subscribers_count": 1`
Auto Update 2024/10/07 18:30:33 2024-10-08 03:30:33 +09:00			`},`
			`{`
			`"id": 868990274,`
			`"name": "CVE-2020-6287_SAP-NetWeaver-bypass-auth",`
			`"full_name": "dylvie\/CVE-2020-6287_SAP-NetWeaver-bypass-auth",`
			`"owner": {`
			`"login": "dylvie",`
			`"id": 78607002,`
			`"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78607002?v=4",`
Auto Update 2024/10/18 00:30:24 2024-10-18 09:30:24 +09:00			`"html_url": "https:\/\/github.com\/dylvie",`
			`"user_view_type": "public"`
Auto Update 2024/10/07 18:30:33 2024-10-08 03:30:33 +09:00			`},`
			`"html_url": "https:\/\/github.com\/dylvie\/CVE-2020-6287_SAP-NetWeaver-bypass-auth",`
			`"description": "Automated Exploit for CVE-2020-6287",`
			`"fork": false,`
			`"created_at": "2024-10-07T14:29:34Z",`
Auto Update 2024/10/20 18:30:45 2024-10-21 03:30:45 +09:00			`"updated_at": "2024-10-20T14:11:53Z",`
Auto Update 2024/10/07 18:30:33 2024-10-08 03:30:33 +09:00			`"pushed_at": "2024-10-07T14:45:00Z",`
Auto Update 2024/10/20 18:30:45 2024-10-21 03:30:45 +09:00			`"stargazers_count": 1,`
			`"watchers_count": 1,`
Auto Update 2024/10/07 18:30:33 2024-10-08 03:30:33 +09:00			`"has_discussions": false,`
			`"forks_count": 0,`
			`"allow_forking": true,`
			`"is_template": false,`
			`"web_commit_signoff_required": false,`
			`"topics": [],`
			`"visibility": "public",`
			`"forks": 0,`
Auto Update 2024/10/20 18:30:45 2024-10-21 03:30:45 +09:00			`"watchers": 1,`
Auto Update 2024/10/07 18:30:33 2024-10-08 03:30:33 +09:00			`"score": 0,`
Auto Update 2024/10/08 00:30:34 2024-10-08 09:30:34 +09:00			`"subscribers_count": 1`
Auto Update 2023/01/02 12:13:52 2023-01-02 21:13:52 +09:00			`}`
			`]`