MICROSOFT SHAREPOINT RCE (CVE-2020-0646) GENERATOR
- Is a code generator that generate a .XOML code and a C# code that once uploaded (.XOML file) or compiled (C#) in SharePoint will remote execute the command in the server. Works on SharePoint On-Premise without January 2020 .NET Patch.
Windows Server 2012 R2 Standard with June 2019 patch
Not send virustotal to avoid been detected. Virustotal sends all samples to antivirus companies.
Use a different service to check...
Notes about this issue:
SharePoint is include with Windows Server and the purpose of Windows Server is to manage and serve a network of computers. Since the release of 2003 it become popular between local networks. In 2020 the logic step of Windows Server is to eliminate local devices while having all the network components.
The technology is so advanced that it only require a monitor, a mouse, a keyboard, lan connection and Windows Server manage all the rest like settings, files, etc. To start it only require a admin to setup a profile and the user work under that profile and all is saved and maintained on the server.
SharePoint is one of the apps that is include with Windows Server and the exploit here available provide to low end authenticated users a flaw that allow remote code execution directly in the server. In a permission based network only admin should have access to the server and in most cases only with local access is possible to manage it. This type of flaw bypass this restriction and if guests is allowed to use the network than anyone with local access to a computer can execute commands or install malware in the server machine.