CVEs-PoC/2020/CVE-2020-0601.md

CVE-2020-0601

Description

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

POC

Reference

• http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
• http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html

Github

• https://github.com/0day404/vulnerability-poc
• https://github.com/0kraven/MalDevJournal
• https://github.com/0x06K/MalDevJournal
• https://github.com/0xT11/CVE-POC
• https://github.com/0xxon/cve-2020-0601
• https://github.com/0xxon/cve-2020-0601-plugin
• https://github.com/0xxon/cve-2020-0601-utils
• https://github.com/20142995/sectool
• https://github.com/3th1c4l-t0n1/EnableWindowsLogSettings
• https://github.com/5l1v3r1/CVE-2020-0606
• https://github.com/84KaliPleXon3/ctf-katana
• https://github.com/ARPSyndicate/cve-scores
• https://github.com/ARPSyndicate/cvemon
• https://github.com/AWimpyNiNjA/Powershell
• https://github.com/Abhijeet-Khanzode/TASK3
• https://github.com/AdavVegab/PoC-Curveball
• https://github.com/AmitNiz/exploits
• https://github.com/AndreLlorente/NVD_CVE_EXTRACTOR
• https://github.com/ArrestX/--POC
• https://github.com/Ash112121/CVE-2020-0601
• https://github.com/BlueTeamSteve/CVE-2020-0601
• https://github.com/CVEDB/PoC-List
• https://github.com/CVEDB/awesome-cve-repo
• https://github.com/CVEDB/top
• https://github.com/CheatBreaker/Security-Advisory
• https://github.com/CnHack3r/Penetration_PoC
• https://github.com/DipeshGarg/Shell-Scripts
• https://github.com/Doug-Moody/Windows10_Cumulative_Updates_PowerShell
• https://github.com/EchoGin404/-
• https://github.com/EchoGin404/gongkaishouji
• https://github.com/ExpLife0011/awesome-windows-kernel-security-development
• https://github.com/FumoNeko/Hashcheck
• https://github.com/Ghebriou/platform_pfe
• https://github.com/GhostTroops/TOP
• https://github.com/Hans-MartinHannibalLauridsen/CurveBall
• https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT
• https://github.com/InQuest/yara-rules
• https://github.com/Information-Warfare-Center/CSI-SIEM
• https://github.com/JERRY123S/all-poc
• https://github.com/JPurrier/CVE-2020-0601
• https://github.com/Jashanveer-Singh/cryptographic_failure
• https://github.com/JoelBts/CVE-2020-0601_PoC
• https://github.com/JohnHammond/ctf-katana
• https://github.com/KayCHENvip/vulnerability-poc
• https://github.com/MarkusZehnle/CVE-2020-0601
• https://github.com/Miraitowa70/POC-Notes
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/Ondrik8/exploit
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/RrUZi/Awesome-CVE-2020-0601
• https://github.com/SaraArif6198/SQL-Injection-Report
• https://github.com/SatenderKumar3024/CompTIA-Cloud-Certification-Exam---EXAM-NUMBER-CV0-004---Satender-Kumar
• https://github.com/SexyBeast233/SecBooks
• https://github.com/ShayNehmad/twoplustwo
• https://github.com/SherlockSec/CVE-2020-0601
• https://github.com/TBHIDK24/MalDevJournal
• https://github.com/TBHIDK57/MalDevJournal
• https://github.com/Threekiii/Awesome-POC
• https://github.com/TrojanAZhen/Self_Back
• https://github.com/Tyro-Shan/gongkaishouji
• https://github.com/XTeam-Wing/RedTeaming2020
• https://github.com/XiaomingX/awesome-poc-for-red-team
• https://github.com/YIXINSHUWU/Penetration_Testing_POC
• https://github.com/Yamato-Security/EnableWindowsLogSettings
• https://github.com/YoannDqr/CVE-2020-0601
• https://github.com/YojimboSecurity/YojimboSecurity
• https://github.com/YojimboSecurity/chainoffools
• https://github.com/ZTK-009/Penetration_PoC
• https://github.com/amlweems/gringotts
• https://github.com/apmunch/CVE-2020-0601
• https://github.com/apodlosky/PoC_CurveBall
• https://github.com/aymankhder/ctf_solver
• https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform
• https://github.com/bsides-rijeka/meetup-2-curveball
• https://github.com/bzuracyber/Azure-Compliance-as-Code-Pipeline
• https://github.com/cimashiro/-Awesome-CVE-2020-0601-
• https://github.com/cisagov/Malcolm
• https://github.com/crnnr/SS25-Kryptologie2
• https://github.com/cyberanand1337x/bug-bounty-2022
• https://github.com/d4n-sec/d4n-sec.github.io
• https://github.com/david4599/CurveballCertTool
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/dlee35/curveball_lua
• https://github.com/eastmountyxz/CSDNBlog-Security-Based
• https://github.com/eastmountyxz/CVE-2018-20250-WinRAR
• https://github.com/eastmountyxz/CVE-2020-0601-EXP
• https://github.com/eastmountyxz/NetworkSecuritySelf-study
• https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis
• https://github.com/elikaski/ECC_Attacks
• https://github.com/exploitblizzard/CVE-2020-0601-spoofkey
• https://github.com/gautam0786/Cybersecurity-Intern-task-3
• https://github.com/gentilkiwi/curveball
• https://github.com/githuberxu/Safety-Books
• https://github.com/gremwell/cve-2020-0601_poc
• https://github.com/gremwell/qsslcaudit
• https://github.com/gremwell/qsslcaudit-pkg-deb
• https://github.com/hackerhouse-opensource/exploits
• https://github.com/hasee2018/Penetration_Testing_POC
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/hktalent/TOP
• https://github.com/huike007/penetration_poc
• https://github.com/huike007/poc
• https://github.com/huisetiankong478/penetration_poc
• https://github.com/huisetiankong478/poc
• https://github.com/huynhvanphuc/EnableWindowsLogSettings
• https://github.com/hwiwonl/dayone
• https://github.com/ioncodes/Curveball
• https://github.com/ioncodes/ioncodes
• https://github.com/jbmihoub/all-poc
• https://github.com/kerk1/WarfareCenter-CSI-SIEM
• https://github.com/kudelskisecurity/chainoffools
• https://github.com/kudelskisecurity/northsec_crypto_api_attacks
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/lnick2023/nicenice
• https://github.com/ly4k/CurveBall
• https://github.com/mazharkhanpathan61354/cyber-security-internship-task-3
• https://github.com/mmguero-dev/Malcolm-PCAP
• https://github.com/modubyk/CVE_2020_0601
• https://github.com/mvlnetdev/zeek_detection_script_collection
• https://github.com/nissan-sudo/CVE-2020-0601
• https://github.com/nitinsanap95-hash/Elevate-Lab-Task-3
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/okanulkr/CurveBall-CVE-2020-0601-PoC
• https://github.com/password520/Penetration_PoC
• https://github.com/pentration/gongkaishouji
• https://github.com/pravinsrc/NOTES-windows-kernel-links
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/robmichel2854/robs-links
• https://github.com/s1lver-lining/Starlight
• https://github.com/saleemrashid/badecparams
• https://github.com/shengshengli/NetworkSecuritySelf-study
• https://github.com/soosmile/POC
• https://github.com/sourcx/zeekweek-2021
• https://github.com/supermandw2018/SystemSecurity-ReverseAnalysis
• https://github.com/talbeerysec/CurveBallDetection
• https://github.com/thimelp/cve-2020-0601-Perl
• https://github.com/tim3959951/CVE-Analysis-Agent
• https://github.com/tobor88/PowerShell-Blue-Team
• https://github.com/tyj956413282/curveball-plus
• https://github.com/ucsb-seclab/DeepCASE-Dataset
• https://github.com/weeka10/-hktalent-TOP
• https://github.com/willamygarcia/Vuln_Windows_7_11
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/xbl3/awesome-cve-poc_qazbnm456
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/yanghaoi/CVE-2020-0601
• https://github.com/yedada-wei/-
• https://github.com/yedada-wei/gongkaishouji
• https://github.com/yo-yo-yo-jbo/ecc_intro
• https://github.com/yshneyderman/CS590J-Capstone
• https://github.com/yuxulu/snoopy
• https://github.com/ztora/msvuln
• https://github.com/zzyss-marker/NetworkSecuritySelf-study