exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 69 RSS Feed

Files

Microsoft Exchange 2003 base64-MIME Remote Code Execution
Posted Jul 5, 2019
Authored by Charles Truscott

Microsoft Exchange 2003 base64-MIME remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2007-0213
SHA-256 | 4859c39718aac5be2a192fca72d211ff996ed17132eca3cf35147eadf2542d08

Related Files

Microsoft Exchange Active Directory Topology 15.02.1118.007 Unquoted Service Path
Posted Apr 3, 2023
Authored by Milad Karimi

Microsoft Exchange Active Directory Topology version 15.02.1118.007 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 2577fc5cbdea375c5b3a3fa3691dc1cd638ff2bec6d496d969ac7635c5d06a53
Microsoft Exchange ProxyNotShell Remote Code Execution
Posted Nov 30, 2022
Authored by Soroush Dalili, Spencer McIntyre, Orange Tsai, Rich Warren, Piotr B, DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q | Site metasploit.com

This Metasploit module chains two vulnerabilities on Microsoft Exchange Server that, when combined, allow an authenticated attacker to interact with the Exchange Powershell backend (CVE-2022-41040), where a deserialization flaw can be leveraged to obtain code execution (CVE-2022-41082). This exploit only supports Exchange Server 2019. These vulnerabilities were patched in November 2022.

tags | exploit, vulnerability, code execution
advisories | CVE-2022-41040, CVE-2022-41082
SHA-256 | 52e94b2539eeb923ed6dfcf33bf21788d037db18208e166670e34916d20844dd
Microsoft Exchange Active Directory Topology 15.0.847.40 Unquoted Service Path
Posted Apr 18, 2022
Authored by Antonio Cuomo

Microsoft Exchange Active Directory Topology version 15.0.847.40 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 2f407977c098abbdb0946a25c077ddadc45d9fc1ae9d33ebaf509cd00c834bcf
Microsoft Exchange Mailbox Assistants 15.0.847.40 Unquoted Service Path
Posted Apr 18, 2022
Authored by Antonio Cuomo

Microsoft Exchange Mailbox Assistants version 15.0.847.40 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 04b6aa4ca61d40818e86e87cea3f096b7a0df693e124440f7a45ee236a584cbd
Microsoft Exchange ProxyShell Remote Code Execution
Posted Aug 20, 2021
Authored by Spencer McIntyre, Orange Tsai, wvu, Ramella Sebastien, Jang, PeterJson, brandonshi123 | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker to bypass the authentication, impersonate an arbitrary user, and write an arbitrary file to achieve remote code execution. By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 CU23 versions before 15.0.1497.15, Exchange 2016 CU19 versions before 15.1.2176.12, Exchange 2016 CU20 versions before 15.1.2242.5, Exchange 2019 CU8 versions before 15.2.792.13, and Exchange 2019 CU9 versions before 15.2.858.9.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-31207, CVE-2021-34473, CVE-2021-34523
SHA-256 | b555cd3b9862ec567195ff3003e6dc453483630a7c663ee17d582778c11dbf59
Microsoft Exchange ProxyLogon Collector
Posted May 21, 2021
Authored by Ramella Sebastien | Site metasploit.com

This Metasploit module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin by chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution. As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server. This vulnerability affects Exchange 2013 versions below 15.00.1497.012, Exchange 2016 CU18 below 15.01.2106.013, Exchange 2016 CU19 below 15.01.2176.009, Exchange 2019 CU7 below 15.02.0721.013, and Exchange 2019 CU8 below 15.02.0792.010 . All components are vulnerable by default.

tags | exploit, arbitrary, code execution, info disclosure
advisories | CVE-2021-26855, CVE-2021-27065
SHA-256 | 585a4badc4bc32954c170e5f8283ee5e2c9ceb31c4f0aab20e24dc5c6ff31912
Microsoft Exchange 2019 Unauthenticated Email Download
Posted May 18, 2021
Authored by Gonzalo Villegas

Microsoft Exchange 2019 unauthenticated email download exploit.

tags | exploit, info disclosure
advisories | CVE-2021-26855
SHA-256 | 2af5b9bd138c45d1bf5e92b4e5613e7bcfec93e1c4d006a04b0fda8a6ae77f19
Microsoft Exchange ProxyLogon Remote Code Execution
Posted Mar 23, 2021
Authored by Orange Tsai, mekhalleh, Jang, lotusdll | Site metasploit.com

This Metasploit module exploits a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin (CVE-2021-26855) and write arbitrary file (CVE-2021-27065) to get the RCE (Remote Code Execution). By taking advantage of this vulnerability, you can execute arbitrary commands on the remote Microsoft Exchange Server. This vulnerability affects Exchange 2013 Versions less than 15.00.1497.012, Exchange 2016 CU18 less than 15.01.2106.013, Exchange 2016 CU19 less than 15.01.2176.009, Exchange 2019 CU7 less than 15.02.0721.013, and Exchange 2019 CU8 less than 15.02.0792.010. All components are vulnerable by default.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2021-26855, CVE-2021-27065
SHA-256 | 8d10a6f462db1c384d95aaac3ccd5096fe1f2900acfdd10d4d8f6104dd67ec68
Microsoft Exchange 2019 SSRF / Arbitrary File Write
Posted Mar 18, 2021
Authored by F5

Microsoft Exchange 2019 proxylogon server-side request forgery to arbitrary file write exploit.

tags | exploit, arbitrary
advisories | CVE-2021-26855
SHA-256 | a5a0b4b66c3feed240325ea75b84724ecb668c07a94b286b4c7c0d122cfeae94
Microsoft Exchange Proxylogon SSRF Proof Of Concept
Posted Mar 11, 2021
Authored by testanull

Microsoft Exchange Proxylogon server-side request forgery proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 1c373baa158377a14fb2382356cc246aad42c9f3070e607c68d7ad613fbc6796
Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation
Posted Feb 24, 2021
Authored by Source Incite | Site github.com

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account.

tags | exploit, csrf
advisories | CVE-2021-24085
SHA-256 | ff865496e0bee101f53c29c316899cda3609c752370953dcd22a507052e91f6b
Red Hat Security Advisory 2020-4649-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4649-01 - Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications. OpenChange provides libraries to access Microsoft Exchange servers using native protocols.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2020-14928
SHA-256 | 6a6fe3ae7683e1e796f4210d6f181c1fe03deffb8b5b636c0a365eeebff3b87c
Spraying OWA And Abusing MSSQL
Posted Sep 30, 2020
Authored by Haboob Team

Whitepaper that goes over a full attack scenario by getting a foothold through Microsoft Exchange OWA Portal to discover and abuse MSSQL.

tags | paper
SHA-256 | 1e359078a38e5ef9da11966368cd8309e0715ec901171b245500b208e0b296e2
Exchange Control Panel Viewstate Deserialization
Posted Mar 4, 2020
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\SYSTEM using .NET deserialization.

tags | exploit, web
advisories | CVE-2020-0688
SHA-256 | 9ba178072e43dcc78183e17a6aebcaa356ad487774d5b60829b0623367acc1fb
Microsoft Exchange 2019 15.2.221.12 Remote Code Execution
Posted Mar 2, 2020
Authored by Photubias

Microsoft Exchange 2019 version 15.2.221.12 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-0688
SHA-256 | 2209d610405eecbd97899d9712efd45c455cffc7e713903504d884634ddf470f
Microsoft Exchange Server External Service Interaction
Posted Dec 27, 2019
Authored by Alphan Yavas

Microsoft Exchange Server 2013 CU22 and previous versions suffer from an external service interaction issue.

tags | exploit
SHA-256 | 97ae1cdfb14b6b4713dcecd41c04b196d03d7a204cae20790fa60f8db0e26eaa
Rollup 18 For Microsoft Exchange Server 2010 SP3 Server-Side Request Forgery
Posted Sep 18, 2018
Authored by Alphan Yavas

Rollup 18 for Microsoft Exchange Server 2010 SP3 suffers from a server-side request forgery vulnerability.

tags | advisory
advisories | CVE-2018-16793
SHA-256 | 21c4cf2557cdae57096b76c2fb41d1b4ed8b3452e40921277e40d601c4b580da
Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
SHA-256 | 984f3e5bf9a46dde0835b0d4970d3406f20883bb6d60759b4da0a53b6e0ee2ab
Sophos Mobile Control 3.5.0.3 Open Reverse Proxy
Posted Aug 5, 2016
Authored by Tim Kretschmann

Sophos EAS Proxy is part of the Enterprise Mobility Management (EMM) platform Sophos Mobile Control, which allows control of mail access for managed mobile devices. Anonymous attackers can access any web-resources of the backend mail system like Microsoft Exchange or IBM Domino, if Lotus Traveler option is enabled. Brute force attacks against users in the backend mail system are also possible. Version 3.5.0.3 is affected.

tags | exploit, web
advisories | CVE-2016-6597
SHA-256 | 13292e8189bb32eb950d3a3ed393223e5c68751d34f25e1d5312f596b3dfaf82
Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
Posted Sep 29, 2014
Authored by Nate Power | Site metasploit.com

This Metasploit module tests vulnerable IIS HTTP header file paths on Microsoft Exchange OWA 2003, CAS 2007, 2010, 2013 servers.

tags | exploit, web, info disclosure
SHA-256 | 9b7a26362762262f505e7f02227cb75f7b373f2560a109697a283d98dbb104e4
CAS Autodiscover Enumeration
Posted Aug 3, 2014
Authored by Nathan Power

The Microsoft Exchange Client Access Server (CAS) that services Autodiscover has been found vulnerable to an information disclosure. It has been discovered that a standard domain user without Exchange permissions can enumerate Autodiscover configuration files of Exchange users by an XML SOAP parameter injection.

tags | exploit, info disclosure
SHA-256 | 54c985d67107ade894f094c2b0fe43f071b3e549fb3bf44c8d221541460ae91e
Microsoft Exchange Internal IP Disclosure
Posted Aug 3, 2014
Authored by Nathan Power

Multiple issues have been discovered that makes it possible to disclose internal IP addresses of remote Microsoft Exchange environments.

tags | exploit, remote
SHA-256 | 1583d0211f9142e47c610ac0fa845c95f421e39d1782f40c8b7bdb1923355789
Red Hat Security Advisory 2013-1540-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1540-02 - Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2013-4166
SHA-256 | 9fb326f3b1b47a580643bac3c257f224e35acd6f987a04d2349a2234d18d3e18
Red Hat Security Advisory 2013-0515-02
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0515-02 - The openchange packages provide libraries to access Microsoft Exchange servers using native protocols. Evolution-MAPI uses these libraries to integrate the Evolution PIM application with Microsoft Exchange servers. A flaw was found in the Samba suite's Perl-based DCE/RPC IDL compiler. As OpenChange uses code generated by PIDL, this could have resulted in buffer overflows in the way OpenChange handles RPC calls. With this update, the code has been generated with an updated version of PIDL to correct this issue. The openchange packages have been upgraded to upstream version 1.0, which provides a number of bug fixes and enhancements over the previous version, including support for the rebased samba4 packages and several API changes.

tags | advisory, overflow, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
SHA-256 | 5c9dd4885b245ecf8ed98fec1242a39231d294c129bcbb7e1f55c61f932d8dc5
Secunia Security Advisory 52133
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | de1b1a7cb5aa3c9a4ce65769d8ca6ab1bcd17b7e2554cb2cca62b369daa125e1
Page 1 of 3
Back123Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close