[ { "id": 243416592, "name": "cve-2020-0688", "full_name": "Ridter\/cve-2020-0688", "owner": { "login": "Ridter", "id": 6007471, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", "html_url": "https:\/\/github.com\/Ridter" }, "html_url": "https:\/\/github.com\/Ridter\/cve-2020-0688", "description": "cve-2020-0688", "fork": false, "created_at": "2020-02-27T02:54:27Z", "updated_at": "2021-08-27T10:55:49Z", "pushed_at": "2020-06-19T09:28:15Z", "stargazers_count": 274, "watchers_count": 274, "forks_count": 93, "forks": 93, "watchers": 274, "score": 0 }, { "id": 243640997, "name": "CVE-2020-0688", "full_name": "righter83\/CVE-2020-0688", "owner": { "login": "righter83", "id": 12727740, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12727740?v=4", "html_url": "https:\/\/github.com\/righter83" }, "html_url": "https:\/\/github.com\/righter83\/CVE-2020-0688", "description": "Exchange Scanner CVE-2020-0688", "fork": false, "created_at": "2020-02-27T23:55:04Z", "updated_at": "2021-03-11T15:57:36Z", "pushed_at": "2020-11-06T13:33:30Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 2, "forks": 2, "watchers": 1, "score": 0 }, { "id": 243801603, "name": "CVE-2020-0688-Scanner", "full_name": "onSec-fr\/CVE-2020-0688-Scanner", "owner": { "login": "onSec-fr", "id": 59887731, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4", "html_url": "https:\/\/github.com\/onSec-fr" }, "html_url": "https:\/\/github.com\/onSec-fr\/CVE-2020-0688-Scanner", "description": "Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.", "fork": false, "created_at": "2020-02-28T16:04:30Z", "updated_at": "2021-08-16T12:49:13Z", "pushed_at": "2021-06-01T07:36:53Z", "stargazers_count": 36, "watchers_count": 36, "forks_count": 13, "forks": 13, "watchers": 36, "score": 0 }, { "id": 244149446, "name": "CVE-2020-0688", "full_name": "zcgonvh\/CVE-2020-0688", "owner": { "login": "zcgonvh", "id": 25787677, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", "html_url": "https:\/\/github.com\/zcgonvh" }, "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-0688", "description": "Exploit and detect tools for CVE-2020-0688", "fork": false, "created_at": "2020-03-01T12:57:32Z", "updated_at": "2021-08-18T04:31:56Z", "pushed_at": "2020-03-21T05:44:48Z", "stargazers_count": 297, "watchers_count": 297, "forks_count": 72, "forks": 72, "watchers": 297, "score": 0 }, { "id": 248554405, "name": "CVE-2020-0688", "full_name": "cert-lv\/CVE-2020-0688", "owner": { "login": "cert-lv", "id": 22764485, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4", "html_url": "https:\/\/github.com\/cert-lv" }, "html_url": "https:\/\/github.com\/cert-lv\/CVE-2020-0688", "description": "Vulnerability scanner for CVE-2020-0688", "fork": false, "created_at": "2020-03-19T16:39:56Z", "updated_at": "2021-08-17T14:49:53Z", "pushed_at": "2020-03-19T16:41:39Z", "stargazers_count": 7, "watchers_count": 7, "forks_count": 2, "forks": 2, "watchers": 7, "score": 0 }, { "id": 251646716, "name": "CVE-2020-0688", "full_name": "ravinacademy\/CVE-2020-0688", "owner": { "login": "ravinacademy", "id": 62107070, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62107070?v=4", "html_url": "https:\/\/github.com\/ravinacademy" }, "html_url": "https:\/\/github.com\/ravinacademy\/CVE-2020-0688", "description": "Exploitation Script for CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\"", "fork": false, "created_at": "2020-03-31T15:29:52Z", "updated_at": "2021-02-07T08:36:06Z", "pushed_at": "2020-04-01T06:57:50Z", "stargazers_count": 12, "watchers_count": 12, "forks_count": 9, "forks": 9, "watchers": 12, "score": 0 }, { "id": 253240950, "name": "Exploit_CVE-2020-0688", "full_name": "mahyarx\/Exploit_CVE-2020-0688", "owner": { "login": "mahyarx", "id": 7817627, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7817627?v=4", "html_url": "https:\/\/github.com\/mahyarx" }, "html_url": "https:\/\/github.com\/mahyarx\/Exploit_CVE-2020-0688", "description": "CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\" ", "fork": false, "created_at": "2020-04-05T13:26:03Z", "updated_at": "2021-06-29T18:02:11Z", "pushed_at": "2020-04-05T13:33:10Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 2, "forks": 2, "watchers": 2, "score": 0 }, { "id": 257824792, "name": "CVE-2020-0688", "full_name": "ktpdpro\/CVE-2020-0688", "owner": { "login": "ktpdpro", "id": 17905484, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17905484?v=4", "html_url": "https:\/\/github.com\/ktpdpro" }, "html_url": "https:\/\/github.com\/ktpdpro\/CVE-2020-0688", "description": "PoC RCE Reverse Shell for CVE-2020-0688", "fork": false, "created_at": "2020-04-22T07:28:32Z", "updated_at": "2021-07-22T16:34:53Z", "pushed_at": "2020-04-22T01:09:27Z", "stargazers_count": 3, "watchers_count": 3, "forks_count": 1, "forks": 1, "watchers": 3, "score": 0 }, { "id": 271748338, "name": "cve-2020-0688-webshell-upload-technique", "full_name": "w4fz5uck5\/cve-2020-0688-webshell-upload-technique", "owner": { "login": "w4fz5uck5", "id": 32375656, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", "html_url": "https:\/\/github.com\/w4fz5uck5" }, "html_url": "https:\/\/github.com\/w4fz5uck5\/cve-2020-0688-webshell-upload-technique", "description": "cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output", "fork": false, "created_at": "2020-06-12T08:28:35Z", "updated_at": "2021-07-04T07:09:59Z", "pushed_at": "2020-07-16T10:42:27Z", "stargazers_count": 15, "watchers_count": 15, "forks_count": 9, "forks": 9, "watchers": 15, "score": 0 }, { "id": 288177224, "name": "CVE-2020-0688", "full_name": "murataydemir\/CVE-2020-0688", "owner": { "login": "murataydemir", "id": 16391655, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", "html_url": "https:\/\/github.com\/murataydemir" }, "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-0688", "description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)", "fork": false, "created_at": "2020-08-17T12:41:51Z", "updated_at": "2021-08-19T10:39:41Z", "pushed_at": "2020-08-29T21:00:56Z", "stargazers_count": 4, "watchers_count": 4, "forks_count": 1, "forks": 1, "watchers": 4, "score": 0 }, { "id": 306497480, "name": "ecp_slap", "full_name": "zyn3rgy\/ecp_slap", "owner": { "login": "zyn3rgy", "id": 73311948, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73311948?v=4", "html_url": "https:\/\/github.com\/zyn3rgy" }, "html_url": "https:\/\/github.com\/zyn3rgy\/ecp_slap", "description": "CVE-2020-0688 PoC", "fork": false, "created_at": "2020-10-23T01:18:13Z", "updated_at": "2021-06-02T22:22:39Z", "pushed_at": "2021-06-02T22:22:37Z", "stargazers_count": 7, "watchers_count": 7, "forks_count": 1, "forks": 1, "watchers": 7, "score": 0 }, { "id": 308367304, "name": "CVE-2020-0688-Scanner", "full_name": "SLSteff\/CVE-2020-0688-Scanner", "owner": { "login": "SLSteff", "id": 20557573, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20557573?v=4", "html_url": "https:\/\/github.com\/SLSteff" }, "html_url": "https:\/\/github.com\/SLSteff\/CVE-2020-0688-Scanner", "description": "Scans for Microsoft Exchange Versions with masscan", "fork": false, "created_at": "2020-10-29T15:16:24Z", "updated_at": "2021-03-20T06:54:20Z", "pushed_at": "2020-10-29T20:06:25Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 0, "forks": 0, "watchers": 2, "score": 0 }, { "id": 326652424, "name": "CVE-2020-0688", "full_name": "MrTiz\/CVE-2020-0688", "owner": { "login": "MrTiz", "id": 29025198, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29025198?v=4", "html_url": "https:\/\/github.com\/MrTiz" }, "html_url": "https:\/\/github.com\/MrTiz\/CVE-2020-0688", "description": "Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys", "fork": false, "created_at": "2021-01-04T10:48:40Z", "updated_at": "2021-07-13T03:03:50Z", "pushed_at": "2021-06-06T16:03:53Z", "stargazers_count": 5, "watchers_count": 5, "forks_count": 2, "forks": 2, "watchers": 5, "score": 0 }, { "id": 363882684, "name": "proxylogon", "full_name": "ann0906\/proxylogon", "owner": { "login": "ann0906", "id": 82447420, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82447420?v=4", "html_url": "https:\/\/github.com\/ann0906" }, "html_url": "https:\/\/github.com\/ann0906\/proxylogon", "description": "事件: 微軟(Microsoft)上周公布了修補遭到駭客攻擊的 Exchange Server 漏洞,全球恐有數萬個組織受到影響。網域與被入侵的Exchange郵件伺服器有關,而這臺伺服器後來被駭客當作C&C中繼站使用,導致接下來發生加密攻擊事故。 嚴重性: 全球企業普遍使用微軟生態系執行日常業務,若遭受駭客攻擊,將造成用戶機敏資料外洩並導致極大損失。雖然微軟已推出更新補釘,但阿戴爾強調這尚未去除儲存在受害伺服器內的後門殼層(webshell),因此就算尚未受到攻擊的企業可以免於被駭風險,駭客仍有時間入侵已被駭的伺服器留下「定時炸彈」。 從2020年開始,美國便不斷指控中國入侵多家醫藥公司及學術單位,試圖竊取疫苗研發機密,這次事件很可能將使中美之間的關係進一步惡化。至於華為、TikTok等中國服務是否會受到這次駭客事件波及,則暫時還不明朗。 漏洞通報程序: 在2年前,曾經拿下資安圈漏洞奧斯卡獎Pwnie Awards「最佳伺服器漏洞獎」戴夫寇爾首席資安研究員Orange Tsai(蔡政達),漏洞通報記錄不勝枚舉,後來因為針對企業常用的SSL VPN進行漏洞研究與通報,更是在全球資安圈聲名大噪。 不過,在今年3月2日卻發生讓Orange Tsai錯愕不已的事情。那就是,他在今年一月跟微軟通報的2個Exchange漏洞,微軟原訂在3月9日對外釋出修補程式,卻突然提前一週,在3月2日便緊急釋出修補程式。原來是因為,在2月26日到2月28日,這個週五下班後到週末這段期間,全球各地發生許多利用微軟Exchange漏洞發動攻擊的資安事件。 攻擊本質: 有人在網路上大量掃描微軟於本月修補的CVE-2020-0688安全漏洞,該漏洞攸關Microsoft Exchange伺服器,呼籲Exchange用戶應儘速修補。 CVE-2020-0688漏洞肇因於Exchange伺服器在安裝時沒能妥善建立唯一金鑰,將允許具備該知識及信箱的授權用戶以系統權限傳遞任意物件,屬於遠端程式攻擊漏洞,該漏洞影響Microsoft Exchange Server 2010 SP3、Microsoft Exchange Server 2013、Microsoft Exchange Server 2016與Microsoft Exchange Server 2019,但只被微軟列為重要(Important)等級的風險。", "fork": false, "created_at": "2021-05-03T09:44:25Z", "updated_at": "2021-05-03T09:52:40Z", "pushed_at": "2021-05-03T09:44:25Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, "forks": 0, "watchers": 0, "score": 0 } ]