提权漏洞和域渗透历史漏洞整理
Posted 李白你好
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了提权漏洞和域渗透历史漏洞整理相关的知识,希望对你有一定的参考价值。
Windows提权在线辅助工具
https://i.hacking8.com/tiquan/
🌴Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
https://github.com/Ascotbe/Kernelhub/blob/master/README.CN.md
https://github.com/SecWiki/windows-kernel-exploits
MS14-068(CVE-2014-6324)
Kerberos 校验和漏洞
https://nvd.nist.gov/vuln/detail/CVE-2014-6324
EXP/POC:
https://github.com/abatchy17/WindowsExploits/tree/master/MS14-068
CVE-2020-1472
Netlogon特权提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-1472
EXP/POC:
https://github.com/blackarrowsec/redteam-research/tree/master/CVE-2020-1472
CVE-2021-42287&42278
Windows域服务权限提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-42287
https://nvd.nist.gov/vuln/detail/CVE-2021-42278
EXP/POC:
https://github.com/WazeHell/sam-the-admin
https://github.com/cube0x0/noPac
CVE-2019-1040
Microsoft Windows NTLM认证漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-1040
https://paper.seebug.org/962/
EXP/POC:
https://github.com/Ridter/CVE-2019-1040
CVE-2018-8581
Microsoft Exchange任意用户伪造漏洞
https://nvd.nist.gov/vuln/detail/CVE-2018-8581
EXP/POC:
https://github.com/Ridter/Exchange2domain
CVE-2020-0688
Microsoft Exchange 反序列化RCE
https://nvd.nist.gov/vuln/detail/CVE-2020-0688
EXP/POC:
https://github.com/zcgonvh/CVE-2020-0688
CVE-2021-1675
Windows Print Spooler权限提升漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-1675
EXP/POC:
https://github.com/cube0x0/CVE-2021-1675
CVE-2021-26855/CVE-2021-27065
Exchange ProxyLogon远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-26855
https://nvd.nist.gov/vuln/detail/CVE-2021-27065
EXP/POC:
https://github.com/hausec/ProxyLogon
CVE-2020-17144
Microsoft Exchange 远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-17144
EXP/POC:
https://github.com/Airboi/CVE-2020-17144-EXP
CVE-2020-16875
Microsoft Exchange 远程代码执行漏洞
https://nvd.nist.gov/vuln/detail/CVE-2020-16875
EXP/POC:
https://srcincite.io/pocs/cve-2020-16875.py.txt
CVE-2021-34473
Exchange ProxyShell SSRF
https://nvd.nist.gov/vuln/detail/CVE-2021-34473
EXP/POC:
https://github.com/dmaasland/proxyshell-poc
CVE-2021-33766
Exchange ProxyToken 信息泄露漏洞
https://nvd.nist.gov/vuln/detail/CVE-2021-33766
EXP/POC:
https://github.com/bhdresh/CVE-2021-33766-ProxyToken
以上是关于提权漏洞和域渗透历史漏洞整理的主要内容,如果未能解决你的问题,请参考以下文章