cve-2020-0787

Posted 山川绿水


I. Affected versions

Essentially all Windows versions:

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1803 (Server Core Installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

II. Environment setup

1. Downloading the image

https://msdn.itellyou.cn/


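Choose the Windows version you want to test.

Tick the matching version, open its details, copy the link shown below it, and download it with Xunlei (Thunder).

2. Building the target machine

The environment is built in VMware. I won't repeat the steps here; see my other blog post:
https://blog.csdn.net/m_de_g/article/details/119957223

3. Create a standard user

Run the command from a Command Prompt (DOS) or PowerShell window opened with administrator privileges: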

net user test test123 /add

III. Downloading the exploit

Download link:
https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION


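The download is a compressed archive. Extract it and copy it onto the target machine, then locate this path inside the extracted files:

C:\Users\test\Desktop\CVE-2020-0787-EXP-ALL-WINDOWS-VERSION-1\BitsArbitraryFileMove-master\x64\Debug


After the exploit runs successfully, the window that pops up already has SYSTEM privileges.


Local privilege escalation in cmd succeeded.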
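
To confirm the before and after states of this lab (the `test` account from II.3 really is a standard user, and the window from III really runs as SYSTEM), the following check can be used. It is an added example, not part of the original post or of the exploit repository; the function names `Test-StandardUser` and `Get-TokenSummary` are hypothetical, and it assumes Windows PowerShell 5.1 or later with the Microsoft.PowerShell.LocalAccounts module.

```powershell
# Added example: lab verification helpers (function names are hypothetical).
# Assumes Windows PowerShell 5.1+ with the Microsoft.PowerShell.LocalAccounts module.

function Test-StandardUser {
    param([Parameter(Mandatory)][string]$Name)

    $user = Get-LocalUser -Name $Name -ErrorAction Stop

    # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
    # so the lookup does not depend on the OS display language.
    $adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' |
        ForEach-Object { $_.SID.Value }

    [pscustomobject]@{
        Name         = $user.Name
        Enabled      = $user.Enabled
        IsLocalAdmin = $adminSids -contains $user.SID.Value
    }
}

function Get-TokenSummary {
    # Describes the token of the process this function is called from.
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]::new($id)

    [pscustomobject]@{
        Account    = $id.Name
        Sid        = $id.User.Value
        IsSystem   = $id.IsSystem
        IsElevated = $principal.IsInRole(
            [Security.Principal.WindowsBuiltInRole]::Administrator)
    }
}

# 'test' is the account created in II.3 with: net user test test123 /add
Test-StandardUser -Name 'test'
Get-TokenSummary
```

Before the test, run as `test`, both `IsLocalAdmin` and `IsSystem` should be False. Started with `powershell` from the window that appears in section III, `Get-TokenSummary` should report `IsSystem` as True.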

IV. References

https://www.bilibili.com/read/cv6581994/
