59 matches found
Microsoft Exchange ProxyLogon Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework begin auxiliary class class MetasploitModule 'Microsoft Exchange ProxyLogon Scanner', 'Description' = %q This module scan for a vulnerability on Microsoft Exchange Serve...
Exploit for Server-Side Request Forgery in Microsoft
CVE-2021-26855 This is a modified version of a POC for proxyl...
BackdoorDiplomacy targets the telecom industry in the Middle East
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary BackdoorDiplomacy, an advanced persistent threat APT gang with roots in China, is most likely behind a hostile campaign targeting the Middle East. The espionage action, aimed at a Middle Eastern telecom...
Joint Advisory AA22-279A and Vulristics
Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...
Exploit for Server-Side Request Forgery in Microsoft
proxylogon my exploit for the proxylogon chain Microsoft Exch...
2021 Top Routinely Exploited Vulnerabilities
Summary This joint Cybersecurity Advisory CSA was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, Federal Bureau of Investigation FBI,...
Exploit for Server-Side Request Forgery in Microsoft
pocproxylogon Microsoft Exchange ProxyLogon PoC CVE-2021-268...
Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign that leverages stolen email chains to bypass security software and deploy malware on vulnerable systems. The findings come from Trend Micro following an...
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
Over the past year, the Microsoft Threat Intelligence Center MSTIC has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends in Iranian nation state...
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
Over the past year, the Microsoft Threat Intelligence Center MSTIC has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends in Iranian nation state...
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q This module scan for...
Microsoft Exchange ProxyLogon Collector
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Date: 2021-03-02 Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q Thi...
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Date: 2021-03-02 Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q Thi...
Microsoft Exchange 2019 Unauthenticated Email Download
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and automated downloads of...
Microsoft Exchange 2019 - Unauthenticated Email Download
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...
Lemon Duck Cryptojacking Botnet Changes Up Tactics
The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers. That’s according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework...
Exploit for Path Traversal in Vmware Cloud_Foundation
Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html 简介...
Microsoft Exchange ProxyLogon RCE
This module exploit a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin CVE-2021-26855 and write arbitrary file CVE-2021-27065 to get the RCE Remote Code Execution. By taking advantage of this vulnerability, you can execute...
Microsoft Exchange ProxyLogon Scanner
This module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin CVE-2021-26855. By chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution CVE-2021-27065. As a result, a...