Giters

kh4sh3i / ProxyLogon

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

cve-2021-26855exchangeexploitmicrosoft0daycveoutlookproxylogonzeroday2021-27065exchange-servermicrosoft-exchange-proxylogon

ProxyLogon

ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.

ProxyLogon For Python3

usage:
    sudo python3 proxylogon.py --host=target.com --mail=admin@target.com
    sudo python3 proxylogon.py --host=target.com --mails=./mails.txt

ProxyLogon For Go

usage:
    go run proxylogon.go -u target.com -e admin@target.com

Tips:

  1. recon target to find valid email address
  2. if you do not find any email, use bruteforce target with your email file.
  3. in some target automation exploit not work, you should bruteforce SID and replace in SID=500

manual pentest

sudo python2 /manual/check.py 
sudo python2 /manual/shell.py 
sudo python2 /manual/brute.py

references

About

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)

cve-2021-26855exchangeexploitmicrosoft0daycveoutlookproxylogonzeroday2021-27065exchange-servermicrosoft-exchange-proxylogon

License:Creative Commons Zero v1.0 Universal

Languages

Language:Python 62.9%Language:Go 37.1%