CVEs-PoC/2020/CVE-2020-0688.md

CVE-2020-0688

Description

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.

POC

Reference

• http://packetstormsecurity.com/files/156592/Microsoft-Exchange-2019-15.2.221.12-Remote-Code-Execution.html
• http://packetstormsecurity.com/files/156620/Exchange-Control-Panel-Viewstate-Deserialization.html

Github

• https://github.com/0x783kb/Security-operation-book
• https://github.com/0xMarcio/cve
• https://github.com/0xMrNiko/Awesome-Red-Teaming
• https://github.com/0xT11/CVE-POC
• https://github.com/1337-llama/CVE-2020-0688-Python3
• https://github.com/20142995/sectool
• https://github.com/3gstudent/Homework-of-C-Sharp
• https://github.com/5l33m/nmap_vulnerability-analyzer
• https://github.com/5thphlame/OSCP-NOTES-ACTIVE-DIRECTORY-1
• https://github.com/61106960/adPEAS
• https://github.com/7heKnight/CVE-2020-0688
• https://github.com/ANON-D46KPH4TOM/Active-Directory-Exploitation-Cheat-Sheets
• https://github.com/ARPSyndicate/cvemon
• https://github.com/Amar224/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/Amar224/Pentest-Tools
• https://github.com/AnonVulc/Pentest-Tools
• https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/Aslamlatheef/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/C4tWithShell/CCF
• https://github.com/CVEDB/PoC-List
• https://github.com/CVEDB/awesome-cve-repo
• https://github.com/CVEDB/top
• https://github.com/CnHack3r/Penetration_PoC
• https://github.com/Coldplay1517/Middleware-Vulnerability-detection-master
• https://github.com/Deep-Bagchi/ysoserial.net
• https://github.com/EchoGin404/-
• https://github.com/EchoGin404/gongkaishouji
• https://github.com/EvilAnne/2020-Read-article
• https://github.com/FDlucifer/Proxy-Attackchain
• https://github.com/GhostTroops/TOP
• https://github.com/H1CH444MREB0RN/PenTest-free-tools
• https://github.com/HackingCost/AD_Pentest
• https://github.com/ImranTheThirdEye/AD-Pentesting-Tools
• https://github.com/JERRY123S/all-poc
• https://github.com/JFR-C/Windows-Penetration-Testing
• https://github.com/Jalexander798/JA_Tools-ActiveDirectory-Exploitation
• https://github.com/Jean-Francois-C/Windows-Penetration-Testing
• https://github.com/Jumbo-WJB/CVE-2020-0688
• https://github.com/Ken-Abruzzi/cve_2020_0688
• https://github.com/LostZX/ExchangeLearn
• https://github.com/Mehedi-Babu/active_directory_chtsht
• https://github.com/Mehedi-Babu/pentest_tools_repo
• https://github.com/Mohit0/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/MrPWH/Pentest-Tools
• https://github.com/MrTiz/CVE-2020-0688
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/PuddinCat/GithubRepoSpider
• https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet.
• https://github.com/Ridter/cve-2020-0688
• https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
• https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
• https://github.com/S3cur3Th1sSh1t/Pentest-Tools
• https://github.com/SLSteff/CVE-2020-0688-Scanner
• https://github.com/SexyBeast233/SecBooks
• https://github.com/ShawnDEvans/smbmap
• https://github.com/SofianeHamlaoui/Conti-Clear
• https://github.com/TheKickPuncher/CVE-2020-0688-Python3
• https://github.com/TrojanAZhen/Self_Back
• https://github.com/Tyro-Shan/gongkaishouji
• https://github.com/ViniciusClement/OSCP_2025
• https://github.com/ViperXSecurity/OpenResearch
• https://github.com/W01fh4cker/CVE-2020-0688-GUI
• https://github.com/W01fh4cker/CVE-2025-30406
• https://github.com/Waseem27-art/ART-TOOLKIT
• https://github.com/YIXINSHUWU/Penetration_Testing_POC
• https://github.com/YellowVeN0m/Pentesters-toolbox
• https://github.com/Yt1g3r/CVE-2020-0688_EXP
• https://github.com/ZTK-009/Penetration_PoC
• https://github.com/ZTK-009/RedTeamer
• https://github.com/abdallaabdalrhman/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/adarshshetty1/content
• https://github.com/ann0906/Proxylogon-106370718
• https://github.com/anquanscan/sec-tools
• https://github.com/apachecn-archive/Middleware-Vulnerability-detection
• https://github.com/awsassets/CVE-2020-0692
• https://github.com/aymankhder/AD-esploitation-cheatsheet
• https://github.com/aymankhder/Windows-Penetration-Testing
• https://github.com/bhdresh/SnortRules
• https://github.com/byt3n33dl3/CrypeAlbatros
• https://github.com/cepxeo/redteambins
• https://github.com/cert-lv/CVE-2020-0688
• https://github.com/certat/exchange-scans
• https://github.com/cetriext/fireeye_cves
• https://github.com/chudamax/CVE-2020-0688-Exchange2010
• https://github.com/cyb3rpeace/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/cyberanand1337x/bug-bounty-2022
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/diyarit/Ad-Peas
• https://github.com/dnif/content
• https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/elinakrmova/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/elinakrmova/RedTeam-Tools
• https://github.com/emtee40/win-pentest-tools
• https://github.com/fengjixuchui/RedTeamer
• https://github.com/ftk-sostupid/Test
• https://github.com/gecr07/Notepad
• https://github.com/getanehAl/Windows-Penetration-Testing
• https://github.com/goddemondemongod/Sec-Interview
• https://github.com/hack-parthsharma/Pentest-Tools
• https://github.com/hasee2018/Penetration_Testing_POC
• https://github.com/hectorgie/PoC-in-GitHub
• https://github.com/hktalent/TOP
• https://github.com/hktalent/bug-bounty
• https://github.com/hktalent/ysoserial.net
• https://github.com/horshark/akb-explorer
• https://github.com/huike007/penetration_poc
• https://github.com/huike007/poc
• https://github.com/huisetiankong478/penetration_poc
• https://github.com/huisetiankong478/poc
• https://github.com/irsdl/ysonet
• https://github.com/itwm/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/jared1981/More-Pentest-Tools
• https://github.com/jbmihoub/all-poc
• https://github.com/justin-p/PSForgot2kEyXCHANGE
• https://github.com/k0imet/CVE-POCs
• https://github.com/k8gege/Ladon
• https://github.com/kdandy/pentest_tools
• https://github.com/ktpdpro/CVE-2020-0688
• https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/lnick2023/nicenice
• https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
• https://github.com/mahyarx/Exploit_CVE-2020-0688
• https://github.com/med0x2e/GadgetToJScript
• https://github.com/merlinepedra/Pentest-Tools
• https://github.com/merlinepedra25/Pentest-Tools
• https://github.com/merlinepedra25/Pentest-Tools-1
• https://github.com/michael101096/cs2020_msels
• https://github.com/mr-yeet/RistBSs_Awesome-RedTeam-Cheatsheet
• https://github.com/mranv/adPentest
• https://github.com/murataydemir/CVE-2020-0688
• https://github.com/nholuongut/active-directory-exploitation-cheat-sheet
• https://github.com/nitishbadole/Pentest_Tools
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/onSec-fr/CVE-2020-0688-Scanner
• https://github.com/password520/Penetration_PoC
• https://github.com/password520/RedTeamer
• https://github.com/pathakabhi24/Pentest-Tools
• https://github.com/pentration/gongkaishouji
• https://github.com/phackt/Invoke-Recon
• https://github.com/pjgmonteiro/Pentest-tools
• https://github.com/puckiestyle/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/puckiestyle/ysoserial.net
• https://github.com/pwntester/ysoserial.net
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/r0eXpeR/redteam_vul
• https://github.com/rajbhx/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/random-robbie/cve-2020-0688
• https://github.com/ravinacademy/CVE-2020-0688
• https://github.com/retr0-13/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/retr0-13/Pentest-Tools
• https://github.com/righter83/CVE-2020-0688
• https://github.com/rodrigosilvaluz/JUST_WALKING_DOG
• https://github.com/rumputliar/Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/s3mPr1linux/JUST_WALKING_DOG
• https://github.com/seclib/Active-Directory-Exploitation
• https://github.com/secret-arrow/ysoserial.net
• https://github.com/severnake/Pentest-Tools
• https://github.com/sherehiyandriy/CSharp-Example
• https://github.com/snakesec/smbmap
• https://github.com/soosmile/POC
• https://github.com/sponkmonk/Ladon_english_update
• https://github.com/superfish9/pt
• https://github.com/taielab/awesome-hacking-lists
• https://github.com/tdtc7/qps
• https://github.com/theSevenSleepers/https-github.com-ShawnDEvans-smbmap
• https://github.com/theyoge/AD-Pentesting-Tools
• https://github.com/tijldeneut/Security
• https://github.com/tiyeuse/Active-Directory-Cheatsheet
• https://github.com/todo1024/2041
• https://github.com/todo1024/2102
• https://github.com/truongtn/cve-2020-0688
• https://github.com/truongtn/python-FUD
• https://github.com/tvdat20004/CVE-2020-0688
• https://github.com/uhub/awesome-c-sharp
• https://github.com/undefined-name12/Cheat-Sheet-Active-Directory
• https://github.com/w4fz5uck5/cve-2020-0688-webshell-upload-technique
• https://github.com/weeka10/-hktalent-TOP
• https://github.com/whitfieldsdad/epss
• https://github.com/whoami-chmod777/SMBMap
• https://github.com/whoami-chmod777/Tib3rius-Active-Directory-Exploitation-Cheat-Sheet
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/xbl2022/awesome-hacking-lists
• https://github.com/xbl3/awesome-cve-poc_qazbnm456
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/yedada-wei/-
• https://github.com/yedada-wei/gongkaishouji
• https://github.com/youncyb/CVE-2020-0688
• https://github.com/zcgonvh/CVE-2020-0688
• https://github.com/zer0yu/Intranet_Penetration_CheetSheets
• https://github.com/zer0yu/RedTeam_CheetSheets
• https://github.com/zyn3rgy/ecp_slap