CVE-2023-29357 PoC — Microsoft SharePoint Server Elevation of Privilege Vulnerability

Source

Associated Vulnerability

Readme

Recreation of the SharePoint PoC for CVE-2023-29357 in C# with lots of help from ChatGPT.  
Build with .Net Version 4.7.2 in Visual Studio 2017   
Use NuGet Package manager to install any missing packages  
Yara rules for detection below  

Usage:  
```
CVE-2023-29357.exe http(s)://yoursharepoint.lol [-v]
```
![image](https://github.com/LuemmelSec/CVE-2023-29357/assets/58529760/eaa72166-7644-458c-8aeb-791d9e5fd205)

Huge shoutout to:  
[Jang](https://twitter.com/testanull) for being very supportive with explainations on exploit steps and his huge writeup:  
https://testbnull.medium.com/p2o-vancouver-2023-v%C3%A0i-d%C3%B2ng-v%E1%BB%81-sharepoint-pre-auth-rce-chain-cve-2023-29357-cve-2023-24955-ed97dcab131e  

[WhiteKnight](https://twitter.com/Chocapikk_) for his support and the Python exploit:  
https://github.com/Chocapikk/CVE-2023-29357  

[Florian Roth](https://twitter.com/cyb3rops) for his immediate efforts to provide YARA rules to help you protect against the usage of the current exploits:  
https://twitter.com/cyb3rops/status/1707678149448700270  
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_sharepoint_cve_2023_29357.yar

File Snapshot

 [4.0K]  /data/pocs/0bdadb1117f3449231797f81134f4fce10b1dec9
├── [4.0K]  CVE-2023-29357
│   ├── [1.7K]  App.config
│   ├── [6.9K]  CVE-2023-29357.csproj
│   ├── [1.4K]  packages.config
│   ├── [ 16K]  Program.cs
│   └── [4.0K]  Properties
│       └── [1.4K]  AssemblyInfo.cs
├── [1.1K]  CVE-2023-29357.sln
└── [1.1K]  README.md

2 directories, 7 files

Remarks