Giters

sfewer-r7 / CVE-2023-27532

Exploit for CVE-2023-27532 against Veeam Backup & Replication

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE-2023-27532

Proof of Concept code to exploit CVE-2023-27532 and either leak plaintext credentials or perform remote command execution.

Overview

For a detailed analysis of the vulnerability and exploitation please read the Rapid7 AttackerKB Analysis.

Building

Open in Visual Studio. You will need to either add or update the references to Veeam.Backup.Common.dll, Veeam.Backup.Interaction.MountService.dll, and Veeam.Backup.Model.dll. To make things easier, install Veeam Backup & Replication on the development machine, although this is not a hard requirement.

Usage

Leak the plaintext credentials from the remote server.

> VeeamHax.exe --target 192.168.0.100

VeeamHax1

Run an arbitrary command with local system privileges on the remote server.

> VeeamHax.exe --target 192.168.0.100 --cmd calc.exe

VeeamHax2

VeeamHax3

Credits

Previous research into this vulnerability was performed by:

About

Exploit for CVE-2023-27532 against Veeam Backup & Replication

Languages

Language:C# 100.0%