/OWASSRF-CVE-2022-41082-POC

PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers

Primary LanguagePython

CVE-2022-41082-POC

PoC for the CVE-2022-41082 NotProxyShell OWASSRF Vulnerability Effecting Microsoft Exchange Servers

This is Post-Auth RCE for ProxyNotShell OWASSRF, valid cardentials are needed for command execution.

Added the Powershell PoC script for TabShell Vulnerability (CVE-2022-41076)

The TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.

Affected versions

Exchange 2013,16,19 till 08.11.2022 patch This exploit bypasses Microsoft Hotfix from October 2022

Setup

pip install -r requirements.txt

Running

usage: python poc.py [-H Target] [-u username] [-p "password"] [-c cmd_file]
python poc.py -H https://192.168.0.1 -u user2 -p "123QWEasd!@#" -c cmd_file'