Manage Engine OpManager CVE-2020-28653 Proof of Concept

This proof of concept detects whether a Manage Engine OpManager instance is vulnerable to CVE-2020-28653. Detection is performed by firing off a request containing the serialized payload to the instance. Upon the payload being deserialized, it will cause the instance to invoke a DNS Lookup.

Installation

Clone the repository by running: git clone https://github.com/intrigueio/cve-2020-2853-poc
Install the required dependencies by running: bundle install

Usage

bundle exec ruby CVE-2020-28653.rb [options]
    -t target                        target to exploit (including scheme) e.g http://localhost:8060
    -l listener                      DNS Listener e.g 1766x23ymcldy2ppolrnvxngc7ix6m.burpcollaborator.net
    -p /path/to/ysoserial.jar        Path to ysoserial.jar

References

https://haxolot.com/posts/2021/manageengine_opmanager_pre_auth_rce/

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
1002.ser		1002.ser
CVE-2020-28653.rb		CVE-2020-28653.rb
Gemfile		Gemfile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Manage Engine OpManager CVE-2020-28653 Proof of Concept

Installation

Usage

References

Credits

About

Releases

Packages

Languages

intrigueio/cve-2020-28653-poc

Folders and files

Latest commit

History

Repository files navigation

Manage Engine OpManager CVE-2020-28653 Proof of Concept

Installation

Usage

References

Credits

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages