jamf/CVE-2020-1206-POC

This repository has been archived on 09/May/2023
Stars
146
Rank 252,769 (Top 5 %)
Language
C#
License
Other
Created over 4 years ago
Updated over 4 years ago

jamf/CVE-2020-1206-POC

jamf

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

CVE-2020-1206 Uninitialized Kernel Memory Read POC

CVE-2020-1206 Uninitialized Kernel Memory Read POC

(c) 2020 ZecOps, Inc. - https://www.zecops.com - Find Attackers' Mistakes
POC to check for CVE-2020-1206 / "SMBleed"
Expected outcome: Local file containing target computer kernel memory.
Intended only for educational and testing in corporate environments.
ZecOps takes no responsibility for the code, use at your own risk.
Please contact [email protected] if you are interested in agent-less DFIR tools for Servers, Endpoints, and Mobile Devices to detect SMBleed and other types of attacks automatically.

Usage

SMBleed.exe server_name ip_address domain user pass share_name remote_path local_path

Compiled POC

You can get the compiled POC here.

Compiling

Use Visual Studio to compile the following projects:

ProtoSDK\Asn1Base\Asn1Base.csproj
ProtoSDK\MS-XCA\Xca.csproj
ProtoSDK\MS-SMB2\Smb2.sln

Use the resulting exe file to run the POC.

References

PPPC-Utility

Privacy Preferences Policy Control (PPPC) Utility

CVE-2020-0796-RCE-POC

CVE-2020-0796 Remote Code Execution POC

aftermath

Aftermath is a free macOS IR framework

DEPNotify-Starter

Bash script to start DEPNotify and run policies during enrollment with Jamf Pro

NetSUS

NetBoot and Software Update Server

MakeMeAnAdmin

Provides temporary admin access for a standard user via Jamf Self Service

CVE-2020-0796-LPE-POC

CVE-2020-0796 Local Privilege Escalation POC

FreeTheSandbox_LPE_POC_13.7

Jailbreak for iOS 13.7 and earlier

jamfprotect

A repository for open-source resources created for use with or alongside Jamf Protect.

Jamf-Nation-Scripts

Scripts Migrated from Jamf Nation

FileVault2_Scripts

Scripts and Extension Attributes for use with FileVault 2 on Mountain Lion

JamfMigrator

A tool to migrate data granularly between Jamf Pro servers

mut

JAWA

Jamf Automation and Webhook Assistant

CIS-for-macOS-Catalina-CP

CIS Benchmarks for macOS Catalina

Notifier

Swift project which can post macOS alert or banner notifications on 10.15+ clients

Jamf-Nation-Extension-Attributes

zecops_public

API_Scripts

Scripts that make use of the JAMF Software Server API

JamfPrivacyPreferencePolicyControlProfiles

CIS-for-macOS-Sierra

ReEnroller

Migrate macOS devices from one Jamf Server to another.

Jamf-Environment-Test

Admin Utility for testing an environments network for success with Apple Devices

jamfStatus

Menu app to monitor JamfCloud status

jamJAR

jamJAR: Jamf, AutoPKG & Munki combined by dataJAR

jamfconnect

A repository for Jamf Connect scripts, configuration profile templates,EAs and more!

jamfpro

JamfPro Docker image

regatta

Regatta is a distributed key-value store. It is Kubernetes friendly with emphasis on high read throughput and low operational cost.

NoMAD-2

A complete ground-up rewrite of NoMAD utilizing the same AD Auth Framework found in NoMAD Login.

NoMADLogin-AD

Login to an AD user account without binding your Mac to AD.

JamfSync

Jamf Sync utility for synchronizing between Jamf Pro distribution points and/or file folders

SMBGhost-SMBleed-scanner

SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner

DEPNotify

Classic-API-Postman-Collection

2016_JNUC_Security_Reporting_Compliance

Repo for code used in all presentation slides from the 2016 JNUC Presentation "Digging into Security, Compliance, and Reporting"

Provisioning-Workflows

Provisioning Workflows for a Post-Imaging World

CIS-for-macOS-High-Sierra-CP

jamf-printer-manager

macOS app to upload printer configurations to Jamf Pro

jamf-laps-public

A GUI app for retrieving Jamf Pro LAPS ("Local Administrator Password Solution") credentials

ManagedAppConfigLib

Makes Managed AppConfig on iOS, tvOS, and macOS easier to work with.

Jamf-Connect-Resources

A repository for Jamf Connect scripts, configuration profile templates, and legacy content.

Subprocess

Swift library for macOS providing interfaces for both synchronous and asynchronous process execution

powerbi

Jamf PowerBi Integration

NoMAD

Get all of AD, with none of the bind!

JamfProvisioner

An Automated Erase/Install Workflow for macOS and Jamf Pro

ol

Misc Jamf-related Projects

Mac-Asset-Tag

A script that generates a GUI to accept a user input asset tag for the Mac.

CIS-for-macOS-Sierra-CP

CIS for macOS 10.12 remediated with script and configuration profiles

AppConfig-Generator

Scripting-101-Webinar

Resources for the "Scripting 101 for Apple Admins" webinar - June 2019

Jamf-Pro-Object-LookUp

Script to query Jamf Pro and find what an Object is associated with

STIG-macOS-10_14

STIG for macOS Mojave - audit and remediation with scripts and Configuration Profiles

Munki-Catalog-Browser

Munki Catalog Browser is an app which allows for easy browsing of items in your devices Munki catalogs as well as exporting to CSV

homebrew-tap

CIS-for-macOS-High-Sierra

JamfConnectUninstall

NoMAD-ADAuth

CertificateSDK

Get Certificates From Jamf Pro Into Your iOS Apps

Jamf-Switcher

Jamf Switcher is an app which points either Jamf Pro applications or your browser to a particular Jamf deployment and is configured by Self Service Bookmarks

jamf_connectwise

An integration between Connectwise and Jamf Pro

SmashingJamfProDashboards

Example jobs, dashboard and YAML file for use with Jamf Pro and Smashing

rendr

A project scaffolding tool

AppConfigSpecCreator

Tool for Generation of Managed App Config Spec Files

authchanger

Utility for making changes to the macOS authorization database to easily allow for changing loginwindow mechanisms.

Jamf-Connect-Configurations-Templates

JamfSupport

JSS-LDAP-Sync

Sync department and building objects in the JSS with LDAP records

TableauIntegrations

groupsync

Sync LDAP groups with GitHub teams (and possibly more in the future).

Classic-API-Swagger-Specification

JamfProtect-PPPC-Profile

A PPPC configuration profile to allow full disk and accessibility permissions for computers with the Jamf Protect agent.

SplunkBase

Jamf's Published Splunk Base Integration

anti-phishing-extension

Augment the web with indicators that help detect phishing attempts

regatta-go

Regatta client for Go language

JamfProFlow

Database application for managing configuration sets and change-managed workflows in Jamf Pro

GDPRAutomationTool

Haversack

A Swift library for keychain access on Apple devices

kinobi-title-editor

gitlab_license_exporter

Gitlab License Information exporter

testrail-reporting

Easily send results of your tests to Test Rail.

RADAR_API_Postman_Collection

billboard

TELUGU_CVE-2018-4124_POC

regatta-helm

Helm Chart for the distributed key-value store Regatta.

JamfProFlow-Sets

Configs for Jamf Pro

kyverno-test-util

homebrew-internal-tap

Homebrew Internal Tap

rendr-sample-blueprint-go-microservice

aurorasnapshot

Aurora Cluster snapshot handler (Allows to create and delete Aurora DB Snapshots based in tags)

regatta-java

This repository hosts the code of Regatta client for JVM languages.

ms-security-copilot-plugin

Basic Jamf Pro OpenAPI spec for use with Microsoft Security CoPilot plugin

jamf_entries_menu_manager

ExpressionEngine add-on to rearrange the Entries Menu in the CMS