Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/testanull/ProxyNotShell-PoC
https://github.com/testanull/ProxyNotShell-PoC
Last synced: about 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/testanull/ProxyNotShell-PoC
- Owner: testanull
- Created: 2022-11-17T02:25:51.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2022-11-18T07:30:30.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:43:43.399Z (5 months ago)
- Language: Python
- Size: 5.86 KB
- Stars: 403
- Watchers: 7
- Forks: 86
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - testanull/ProxyNotShell-PoC - (Python)
README
### Working PoC for CVE-2022-41040 and CVE-2022-41082 (A.K.A ProxyNotShell)
Requirement:
- pip install requests_ntlm2 requests
Usage:
```
python poc_aug3.py
```
Creds:
- ProxyShell PoC script from: https://blog.viettelcybersecurity.com/pwn2own-2021-microsoft-exchange-exploit-chain/
- Gtsc's blog post
- https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend