Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

Aug 26, 2021 1 min read

ProxyShell

ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

Install

git clone https://github.com/ktecv2000/ProxyShell
cd ProxyShell
virtualenv -p $(which python3) venv
source venv/bin/activate
pip3 install pypsrp
cp wsman.py venv/lib/*/site-packages/pypsrp/wsman.py

Usage

python3 exploit.py <target-exchange-server-ip> <email>

GitHub

https://github.com/ktecv2000/ProxyShell

Proxy

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.