close

MS14-068(CVE-2014-6324)

Kerberos 校驗和漏洞

https://nvd.nist.gov/vuln/detail/CVE-2014-6324

EXP/POC:

https://github.com/abatchy17/WindowsExploits/tree/master/MS14-068

CVE-2020-1472

Netlogon 特權提升漏洞

https://nvd.nist.gov/vuln/detail/CVE-2020-1472

EXP/POC:

https://github.com/blackarrowsec/redteam-research/tree/master/CVE-2020-1472

CVE-2021-42287&42278

Windows 域服務權限提升漏洞

https://nvd.nist.gov/vuln/detail/CVE-2021-42287

https://nvd.nist.gov/vuln/detail/CVE-2021-42278

EXP/POC:

https://github.com/WazeHell/sam-the-admin

https://github.com/cube0x0/noPac

CVE-2019-1040

Microsoft Windows NTLM 認證漏洞

https://nvd.nist.gov/vuln/detail/CVE-2019-1040

https://paper.seebug.org/962/

EXP/POC:

https://github.com/Ridter/CVE-2019-1040

CVE-2018-8581

Microsoft Exchange 任意用戶偽造漏洞

https://nvd.nist.gov/vuln/detail/CVE-2018-8581

EXP/POC:

https://github.com/Ridter/Exchange2domain

CVE-2020-0688

Microsoft Exchange 反序列化 RCE

https://nvd.nist.gov/vuln/detail/CVE-2020-0688

EXP/POC:

https://github.com/zcgonvh/CVE-2020-0688

CVE-2021-1675

Windows Print Spooler 權限提升漏洞

https://nvd.nist.gov/vuln/detail/CVE-2021-1675

EXP/POC:

https://github.com/cube0x0/CVE-2021-1675

CVE-2021-26855/CVE-2021-27065

Exchange ProxyLogon 遠程代碼執行漏洞

https://nvd.nist.gov/vuln/detail/CVE-2021-26855

https://nvd.nist.gov/vuln/detail/CVE-2021-27065

EXP/POC:

https://github.com/hausec/ProxyLogon

CVE-2020-17144

Microsoft Exchange 遠程代碼執行漏洞

https://nvd.nist.gov/vuln/detail/CVE-2020-17144

EXP/POC:

https://github.com/Airboi/CVE-2020-17144-EXP

CVE-2020-16875

Microsoft Exchange 遠程代碼執行漏洞

https://nvd.nist.gov/vuln/detail/CVE-2020-16875

EXP/POC:

https://srcincite.io/pocs/cve-2020-16875.py.txt

CVE-2021-34473

Exchange ProxyShell SSRF

https://nvd.nist.gov/vuln/detail/CVE-2021-34473

EXP/POC:

https://github.com/dmaasland/proxyshell-poc

CVE-2021-33766

Exchange ProxyToken 信息泄露漏洞

https://nvd.nist.gov/vuln/detail/CVE-2021-33766

EXP/POC:

https://github.com/bhdresh/CVE-2021-33766-ProxyToken

轉自:http://uuzdaisuki.com/

作者:Leticia's

侵權請私聊公眾號刪文

熱文推薦

藍隊應急響應姿勢之Linux

通過DNSLOG回顯驗證漏洞

記一次服務器被種挖礦溯源

內網滲透初探 | 小白簡單學習內網滲透

實戰|通過惡意 pdf 執行 xss 漏洞

免殺技術有一套(免殺方法大集結)(Anti-AntiVirus)

內網滲透之內網信息查看常用命令

關於漏洞的基礎知識

任意賬號密碼重置的6種方法

乾貨 | 橫向移動與域控權限維持方法總匯

手把手教你Linux提權

歡迎關注LemonSec


覺得不錯點個「贊」、「在看」哦

arrow
arrow
    全站熱搜
    創作者介紹
    創作者 鑽石舞台 的頭像
    鑽石舞台

    鑽石舞台

    鑽石舞台 發表在 痞客邦 留言(0) 人氣()