Skip to content
/ CVE-2020-3952 Public

VMWare vmdir missing access control exploit checker

2 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gelim/CVE-2020-3952

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
exploit_check.py
exploit_check.py
 
 
vmware.rules
vmware.rules
 
 

Repository files navigation

Script to check for vulnerable status of CVE-2020-3952

It is inspired from guardicore exploit but with a slight difference: it does NOT create an admin user.

It will assess the vulnerable status by validating that the builtin Administrators group can be tainted by creating or appending the harmless 'description' attribute.

Check

Usage:

$ python exploit_check.py vserver_ip

Detect attempts

suricata signature rule vmware.rules is a naive approach catching the LDAP modify operation on the Administrators group. It needs to be customized with a proper signature id sid and you can tune the src and dst subnets that are set by default to any here.

It could be improved by looking specifically at members addition.

About

VMWare vmdir missing access control exploit checker

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages