DurianComm WAF LogAnalysis

SCENARIO INFORMATION

DESCRIPTION:

This scenario serves as a guide on how to:

– Understand Microsoft Exchange Memory Corruption vulnerability CVE-2020-0688 found on all versions of windows exchange prior to 2019.

– Carry out a vulnerability scan to detect Microsoft Exchange Memory Corruption vulnerability CVE-2020-0688 and later run an exploit on the target machine to get a remote shell with system privileges on the victim Machine.

– Exploit this vulnerability on the target machine to get a remote shell with system privileges on the victim Machine is also part of what will be demonstrated in this scenario.

OBJECTIVES AND OUTCOME:

After completing this scenario you will be able to:

– Identify Microsoft Exchange Memory Corruption Vulnerability CVE-2020-0688 ,
– Use a publicly available exploit or metasploit to exploit the same.

PRE-REQUISITES:

In order to get the full benefit from this scenario, it is suggested that you have competencies in the following areas:

– Basic Linux and Windows command line knowledge
– Basic understanding of networking
– Familiarity with Metasploit and and exploit modules
– Some knowledge on deserialization of objects

RECOMMENDED READING:

It is suggested that you consult with these recommended reading resources and pre-existing scenarios:

https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-0688

https://www.security7.net/news/cve-2020-0688-patch-your-exchange-servers

AUTHOR:

This scenario was created by Timothy Wambua

MODE SINGLEPLAYER
Type CYBER CHALLENGE
DIFFICULTY EASY
TIME 2 HOURS
COST 10 GEMS

Start Scenario

RegisterLogin
Facebook
Twitter
LinkedIn
Reddit
WhatsApp
Telegram
Scroll to Top