[ { "id": 243126851, "name": "cve-2020-0688", "full_name": "random-robbie\/cve-2020-0688", "owner": { "login": "random-robbie", "id": 4902869, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", "html_url": "https:\/\/github.com\/random-robbie" }, "html_url": "https:\/\/github.com\/random-robbie\/cve-2020-0688", "description": "cve-2020-0688", "fork": false, "created_at": "2020-02-25T23:44:16Z", "updated_at": "2024-02-03T07:42:19Z", "pushed_at": "2020-02-26T00:58:39Z", "stargazers_count": 162, "watchers_count": 162, "has_discussions": false, "forks_count": 52, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2020-0688" ], "visibility": "public", "forks": 52, "watchers": 162, "score": 0, "subscribers_count": 6 }, { "id": 243257176, "name": "CVE-2020-0688", "full_name": "Jumbo-WJB\/CVE-2020-0688", "owner": { "login": "Jumbo-WJB", "id": 7954518, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7954518?v=4", "html_url": "https:\/\/github.com\/Jumbo-WJB" }, "html_url": "https:\/\/github.com\/Jumbo-WJB\/CVE-2020-0688", "description": "CVE-2020-0688 - Exchange", "fork": false, "created_at": "2020-02-26T12:28:11Z", "updated_at": "2023-12-21T06:55:22Z", "pushed_at": "2020-02-27T03:50:07Z", "stargazers_count": 66, "watchers_count": 66, "has_discussions": false, "forks_count": 24, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 24, "watchers": 66, "score": 0, "subscribers_count": 4 }, { "id": 243416592, "name": "cve-2020-0688", "full_name": "Ridter\/cve-2020-0688", "owner": { "login": "Ridter", "id": 6007471, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", "html_url": "https:\/\/github.com\/Ridter" }, "html_url": "https:\/\/github.com\/Ridter\/cve-2020-0688", "description": "cve-2020-0688", "fork": false, "created_at": "2020-02-27T02:54:27Z", "updated_at": "2024-01-28T07:05:12Z", "pushed_at": "2023-07-04T05:16:05Z", "stargazers_count": 321, "watchers_count": 321, "has_discussions": false, "forks_count": 93, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 93, "watchers": 321, "score": 0, "subscribers_count": 10 }, { "id": 243531424, "name": "CVE-2020-0688_EXP", "full_name": "Yt1g3r\/CVE-2020-0688_EXP", "owner": { "login": "Yt1g3r", "id": 12625147, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", "html_url": "https:\/\/github.com\/Yt1g3r" }, "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2020-0688_EXP", "description": "CVE-2020-0688_EXP Auto trigger payload & encrypt method", "fork": false, "created_at": "2020-02-27T13:53:46Z", "updated_at": "2023-11-30T16:01:59Z", "pushed_at": "2020-02-27T15:57:53Z", "stargazers_count": 144, "watchers_count": 144, "has_discussions": false, "forks_count": 65, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "automation", "cve-2020-0688", "exchange", "exploit" ], "visibility": "public", "forks": 65, "watchers": 144, "score": 0, "subscribers_count": 10 }, { "id": 243640997, "name": "CVE-2020-0688", "full_name": "righter83\/CVE-2020-0688", "owner": { "login": "righter83", "id": 12727740, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12727740?v=4", "html_url": "https:\/\/github.com\/righter83" }, "html_url": "https:\/\/github.com\/righter83\/CVE-2020-0688", "description": "Exchange Scanner CVE-2020-0688", "fork": false, "created_at": "2020-02-27T23:55:04Z", "updated_at": "2023-09-28T11:11:50Z", "pushed_at": "2021-09-10T12:10:09Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 243672879, "name": "cve-2020-0688", "full_name": "truongtn\/cve-2020-0688", "owner": { "login": "truongtn", "id": 11813006, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11813006?v=4", "html_url": "https:\/\/github.com\/truongtn" }, "html_url": "https:\/\/github.com\/truongtn\/cve-2020-0688", "description": "I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that", "fork": false, "created_at": "2020-02-28T03:47:40Z", "updated_at": "2023-09-28T11:11:50Z", "pushed_at": "2020-02-28T04:04:54Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 2, "score": 0, "subscribers_count": 2 }, { "id": 243801603, "name": "CVE-2020-0688-Scanner", "full_name": "onSec-fr\/CVE-2020-0688-Scanner", "owner": { "login": "onSec-fr", "id": 59887731, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4", "html_url": "https:\/\/github.com\/onSec-fr" }, "html_url": "https:\/\/github.com\/onSec-fr\/CVE-2020-0688-Scanner", "description": "Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.", "fork": false, "created_at": "2020-02-28T16:04:30Z", "updated_at": "2023-10-26T03:23:29Z", "pushed_at": "2021-06-01T07:36:53Z", "stargazers_count": 38, "watchers_count": 38, "has_discussions": false, "forks_count": 13, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2020-0688", "exchange", "microsoft", "pentesting" ], "visibility": "public", "forks": 13, "watchers": 38, "score": 0, "subscribers_count": 4 }, { "id": 243813543, "name": "CVE-2020-0688", "full_name": "youncyb\/CVE-2020-0688", "owner": { "login": "youncyb", "id": 33374470, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33374470?v=4", "html_url": "https:\/\/github.com\/youncyb" }, "html_url": "https:\/\/github.com\/youncyb\/CVE-2020-0688", "description": "CVE-2020-0688", "fork": false, "created_at": "2020-02-28T17:03:53Z", "updated_at": "2023-12-21T11:26:59Z", "pushed_at": "2020-02-28T17:07:15Z", "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 11, "score": 0, "subscribers_count": 2 }, { "id": 244149446, "name": "CVE-2020-0688", "full_name": "zcgonvh\/CVE-2020-0688", "owner": { "login": "zcgonvh", "id": 25787677, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", "html_url": "https:\/\/github.com\/zcgonvh" }, "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-0688", "description": "Exploit and detect tools for CVE-2020-0688", "fork": false, "created_at": "2020-03-01T12:57:32Z", "updated_at": "2024-01-28T06:58:12Z", "pushed_at": "2020-03-21T05:44:48Z", "stargazers_count": 343, "watchers_count": 343, "has_discussions": false, "forks_count": 81, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 81, "watchers": 343, "score": 0, "subscribers_count": 10 }, { "id": 245013193, "name": "PSForgot2kEyXCHANGE", "full_name": "justin-p\/PSForgot2kEyXCHANGE", "owner": { "login": "justin-p", "id": 8249280, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", "html_url": "https:\/\/github.com\/justin-p" }, "html_url": "https:\/\/github.com\/justin-p\/PSForgot2kEyXCHANGE", "description": "PoC for Forgot2kEyXCHANGE (CVE-2020-0688) written in PowerShell", "fork": false, "created_at": "2020-03-04T22:02:30Z", "updated_at": "2023-09-28T11:12:03Z", "pushed_at": "2020-03-05T08:02:57Z", "stargazers_count": 5, "watchers_count": 5, "has_discussions": false, "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 6, "watchers": 5, "score": 0, "subscribers_count": 2 }, { "id": 248554405, "name": "CVE-2020-0688", "full_name": "cert-lv\/CVE-2020-0688", "owner": { "login": "cert-lv", "id": 22764485, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4", "html_url": "https:\/\/github.com\/cert-lv" }, "html_url": "https:\/\/github.com\/cert-lv\/CVE-2020-0688", "description": "Vulnerability scanner for CVE-2020-0688", "fork": false, "created_at": "2020-03-19T16:39:56Z", "updated_at": "2022-11-09T18:06:47Z", "pushed_at": "2020-03-19T16:41:39Z", "stargazers_count": 7, "watchers_count": 7, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 7, "score": 0, "subscribers_count": 3 }, { "id": 251646716, "name": "CVE-2020-0688", "full_name": "ravinacademy\/CVE-2020-0688", "owner": { "login": "ravinacademy", "id": 62107070, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62107070?v=4", "html_url": "https:\/\/github.com\/ravinacademy" }, "html_url": "https:\/\/github.com\/ravinacademy\/CVE-2020-0688", "description": "Exploitation Script for CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\"", "fork": false, "created_at": "2020-03-31T15:29:52Z", "updated_at": "2023-09-28T11:13:22Z", "pushed_at": "2020-04-01T06:57:50Z", "stargazers_count": 12, "watchers_count": 12, "has_discussions": false, "forks_count": 9, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 9, "watchers": 12, "score": 0, "subscribers_count": 1 }, { "id": 253240950, "name": "Exploit_CVE-2020-0688", "full_name": "mahyarx\/Exploit_CVE-2020-0688", "owner": { "login": "mahyarx", "id": 7817627, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7817627?v=4", "html_url": "https:\/\/github.com\/mahyarx" }, "html_url": "https:\/\/github.com\/mahyarx\/Exploit_CVE-2020-0688", "description": "CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\" ", "fork": false, "created_at": "2020-04-05T13:26:03Z", "updated_at": "2023-09-28T11:13:35Z", "pushed_at": "2020-04-05T13:33:10Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 3, "score": 0, "subscribers_count": 2 }, { "id": 257824792, "name": "CVE-2020-0688", "full_name": "ktpdpro\/CVE-2020-0688", "owner": { "login": "ktpdpro", "id": 17905484, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17905484?v=4", "html_url": "https:\/\/github.com\/ktpdpro" }, "html_url": "https:\/\/github.com\/ktpdpro\/CVE-2020-0688", "description": "PoC RCE Reverse Shell for CVE-2020-0688", "fork": false, "created_at": "2020-04-22T07:28:32Z", "updated_at": "2023-09-28T11:14:27Z", "pushed_at": "2020-04-22T01:09:27Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 4, "score": 0, "subscribers_count": 1 }, { "id": 271748338, "name": "cve-2020-0688-webshell-upload-technique", "full_name": "w4fz5uck5\/cve-2020-0688-webshell-upload-technique", "owner": { "login": "w4fz5uck5", "id": 32375656, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", "html_url": "https:\/\/github.com\/w4fz5uck5" }, "html_url": "https:\/\/github.com\/w4fz5uck5\/cve-2020-0688-webshell-upload-technique", "description": "cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output", "fork": false, "created_at": "2020-06-12T08:28:35Z", "updated_at": "2023-09-28T11:16:36Z", "pushed_at": "2023-09-12T13:03:46Z", "stargazers_count": 21, "watchers_count": 21, "has_discussions": false, "forks_count": 11, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 11, "watchers": 21, "score": 0, "subscribers_count": 2 }, { "id": 288177224, "name": "CVE-2020-0688", "full_name": "murataydemir\/CVE-2020-0688", "owner": { "login": "murataydemir", "id": 16391655, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", "html_url": "https:\/\/github.com\/murataydemir" }, "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-0688", "description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)", "fork": false, "created_at": "2020-08-17T12:41:51Z", "updated_at": "2023-12-21T11:26:57Z", "pushed_at": "2020-08-29T21:00:56Z", "stargazers_count": 5, "watchers_count": 5, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 5, "score": 0, "subscribers_count": 1 }, { "id": 306497480, "name": "ecp_slap", "full_name": "zyn3rgy\/ecp_slap", "owner": { "login": "zyn3rgy", "id": 73311948, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73311948?v=4", "html_url": "https:\/\/github.com\/zyn3rgy" }, "html_url": "https:\/\/github.com\/zyn3rgy\/ecp_slap", "description": "CVE-2020-0688 PoC", "fork": false, "created_at": "2020-10-23T01:18:13Z", "updated_at": "2023-09-28T11:21:27Z", "pushed_at": "2021-06-02T22:22:37Z", "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 11, "score": 0, "subscribers_count": 2 }, { "id": 308367304, "name": "CVE-2020-0688-Scanner", "full_name": "SLSteff\/CVE-2020-0688-Scanner", "owner": { "login": "SLSteff", "id": 20557573, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20557573?v=4", "html_url": "https:\/\/github.com\/SLSteff" }, "html_url": "https:\/\/github.com\/SLSteff\/CVE-2020-0688-Scanner", "description": "Scans for Microsoft Exchange Versions with masscan", "fork": false, "created_at": "2020-10-29T15:16:24Z", "updated_at": "2021-03-20T06:54:20Z", "pushed_at": "2020-10-29T20:06:25Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 326652424, "name": "CVE-2020-0688", "full_name": "MrTiz\/CVE-2020-0688", "owner": { "login": "MrTiz", "id": 29025198, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29025198?v=4", "html_url": "https:\/\/github.com\/MrTiz" }, "html_url": "https:\/\/github.com\/MrTiz\/CVE-2020-0688", "description": "Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys", "fork": false, "created_at": "2021-01-04T10:48:40Z", "updated_at": "2023-10-08T15:06:10Z", "pushed_at": "2021-06-06T16:03:53Z", "stargazers_count": 18, "watchers_count": 18, "has_discussions": false, "forks_count": 5, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 5, "watchers": 18, "score": 0, "subscribers_count": 1 }, { "id": 363882684, "name": "proxylogon", "full_name": "ann0906\/proxylogon", "owner": { "login": "ann0906", "id": 82447420, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82447420?v=4", "html_url": "https:\/\/github.com\/ann0906" }, "html_url": "https:\/\/github.com\/ann0906\/proxylogon", "description": "事件: 微軟(Microsoft)上周公布了修補遭到駭客攻擊的 Exchange Server 漏洞,全球恐有數萬個組織受到影響。網域與被入侵的Exchange郵件伺服器有關,而這臺伺服器後來被駭客當作C&C中繼站使用,導致接下來發生加密攻擊事故。 嚴重性: 全球企業普遍使用微軟生態系執行日常業務,若遭受駭客攻擊,將造成用戶機敏資料外洩並導致極大損失。雖然微軟已推出更新補釘,但阿戴爾強調這尚未去除儲存在受害伺服器內的後門殼層(webshell),因此就算尚未受到攻擊的企業可以免於被駭風險,駭客仍有時間入侵已被駭的伺服器留下「定時炸彈」。 從2020年開始,美國便不斷指控中國入侵多家醫藥公司及學術單位,試圖竊取疫苗研發機密,這次事件很可能將使中美之間的關係進一步惡化。至於華為、TikTok等中國服務是否會受到這次駭客事件波及,則暫時還不明朗。 漏洞通報程序: 在2年前,曾經拿下資安圈漏洞奧斯卡獎Pwnie Awards「最佳伺服器漏洞獎」戴夫寇爾首席資安研究員Orange Tsai(蔡政達),漏洞通報記錄不勝枚舉,後來因為針對企業常用的SSL VPN進行漏洞研究與通報,更是在全球資安圈聲名大噪。 不過,在今年3月2日卻發生讓Orange Tsai錯愕不已的事情。那就是,他在今年一月跟微軟通報的2個Exchange漏洞,微軟原訂在3月9日對外釋出修補程式,卻突然提前一週,在3月2日便緊急釋出修補程式。原來是因為,在2月26日到2月28日,這個週五下班後到週末這段期間,全球各地發生許多利用微軟Exchange漏洞發動攻擊的資安事件。 攻擊本質: 有人在網路上大量掃描微軟於本月修補的CVE-2020-0688安全漏洞,該漏洞攸關Microsoft Exchange伺服器,呼籲Exchange用戶應儘速修補。 CVE-2020-0688漏洞肇因於Exchange伺服器在安裝時沒能妥善建立唯一金鑰,將允許具備該知識及信箱的授權用戶以系統權限傳遞任意物件,屬於遠端程式攻擊漏洞,該漏洞影響Microsoft Exchange Server 2010 SP3、Microsoft Exchange Server 2013、Microsoft Exchange Server 2016與Microsoft Exchange Server 2019,但只被微軟列為重要(Important)等級的風險。", "fork": false, "created_at": "2021-05-03T09:44:25Z", "updated_at": "2021-05-03T09:52:40Z", "pushed_at": "2021-05-03T09:44:25Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 491348099, "name": "CVE-2020-0688", "full_name": "7heKnight\/CVE-2020-0688", "owner": { "login": "7heKnight", "id": 60308445, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60308445?v=4", "html_url": "https:\/\/github.com\/7heKnight" }, "html_url": "https:\/\/github.com\/7heKnight\/CVE-2020-0688", "description": "CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability", "fork": false, "created_at": "2022-05-12T03:17:35Z", "updated_at": "2023-12-04T03:36:05Z", "pushed_at": "2022-06-03T06:34:57Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2020-0688" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 }, { "id": 554151760, "name": "CVE-2020-0688-Python3", "full_name": "1337-llama\/CVE-2020-0688-Python3", "owner": { "login": "1337-llama", "id": 71475034, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71475034?v=4", "html_url": "https:\/\/github.com\/1337-llama" }, "html_url": "https:\/\/github.com\/1337-llama\/CVE-2020-0688-Python3", "description": "Exploit updated to use Python 3.", "fork": false, "created_at": "2022-10-19T10:36:10Z", "updated_at": "2022-10-20T10:29:58Z", "pushed_at": "2023-10-26T18:56:56Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2020-0688" ], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 673661773, "name": "CVE-2020-0688-Exchange2010", "full_name": "chudamax\/CVE-2020-0688-Exchange2010", "owner": { "login": "chudamax", "id": 11056491, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11056491?v=4", "html_url": "https:\/\/github.com\/chudamax" }, "html_url": "https:\/\/github.com\/chudamax\/CVE-2020-0688-Exchange2010", "description": "CVE-2020-0688 modified exploit for Exchange 2010 ", "fork": false, "created_at": "2023-08-02T06:25:06Z", "updated_at": "2023-09-28T11:46:43Z", "pushed_at": "2023-08-02T06:36:28Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 1, "score": 0, "subscribers_count": 1 } ]