https://github.com/dwisiswant0/proxylogscan

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
https://github.com/dwisiswant0/proxylogscan

cve-2021-26855 cve-2021-27065 microsoft-exchange microsoft-exchange-proxylogon microsoft-exchange-server proxylogon ssrf

Last synced: 3 months ago
JSON representation

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

• Host: GitHub
• URL: https://github.com/dwisiswant0/proxylogscan
• Owner: dwisiswant0
• License: mit
• Created: 2021-03-08T11:54:32.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2022-03-02T15:41:29.000Z (over 3 years ago)
• Last Synced: 2024-06-20T08:01:36.607Z (about 1 year ago)
• Topics: cve-2021-26855, cve-2021-27065, microsoft-exchange, microsoft-exchange-proxylogon, microsoft-exchange-server, proxylogon, ssrf
• Language: Go
• Homepage:
• Size: 9.77 KB
• Stars: 155
• Watchers: 9
• Forks: 23
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE

Awesome Lists containing this project

README

        
# proxylogscan



This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

By chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution (CVE-2021-27065).

As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server.

This vulnerability affects (Exchange 2013 Versions < 15.00.1497.012, Exchange 2016 CU18 < 15.01.2106.013, Exchange 2016 CU19 < 15.01.2176.009, Exchange 2019 CU7 < 15.02.0721.013, Exchange 2019 CU8 < 15.02.0792.010).

All components are vulnerable by default.

## Installation

> [Go 1.13+](https://golang.org/doc/install) required.

```console

$ go get dw1.io/proxylogscan

```

Or download pre-built binary at [release page](https://github.com/dwisiswant0/proxylogscan/releases).

## Usage

```console

$ proxylogscan -h

Usage of proxylogscan:

  -m string

        Request method (default "GET")

  -p string

        Proxy URL (HTTP/SOCKSv5)

  -s    Silent mode (Only display vulnerable/suppress errors)

  -u string

        Target URL/list to scan

```

### Examples

There are 3 ways to use this tool.

```

$ proxylogscan -u https://domain.tld

$ proxylogscan -u urls.txt

$ cat urls.txt | proxylogscan

$ subfinder -silent -d domain.tld | httpx -silent | proxylogscan

```

## Supporting Materials

- https://proxylogon.com

- https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

## License

`proxylogscan` is distributed under MIT.