Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2021-26855 PoC — Microsoft Exchange Server Remote Code Execution Vulnerability

Source
https://github.com/ZephrFish/Exch-CVE-2021-26855_Priv
Associated Vulnerability
Title:Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-26855)
Description:Microsoft Exchange Server Remote Code Execution Vulnerability
Description
patched to work
Readme
# Exch-CVE-2021-26855
ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution. All affected components are vulnerable by default!

As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server through an only opened 443 port!

## Usage:
```
python ExchangeSheller.py mail.domain.com test2@domain.com
python ExchangeSheller.py IP:443 test2@domain.com
```

## Expected Output
It'll give you a shell as system

## Note:
The exploit does not brute force the emails so you will need to know a valid email on the exchange server for this to work, there are other PoCs out there that'll try a few common ones but that's on you folks!
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →