CVE-2018-8581

This is a functional exploit for CVE-2018-8581, which leverages an NTLM relay attack against Microsoft Exchange servers via the Exchange Web Services (EWS) PushSubscription feature. The exploit sets up an HTTP relay server to capture and relay NTLM authentication, potentially leading to privilege escalation and credential dumping.

This PoC exploits CVE-2018-8581, a Microsoft Exchange privilege escalation vulnerability, by manipulating NTLM authentication and serialized security contexts to add or remove delegates. It uses SOAP requests to exploit the vulnerability and requires valid credentials.

This PoC exploits CVE-2018-8581, a privilege escalation vulnerability in Microsoft Exchange Server. It leverages NTLM relaying and serialized security context manipulation to add or remove delegate permissions on a target mailbox.

This repository contains a functional Python exploit for CVE-2018-8581, a Microsoft Exchange privilege escalation vulnerability. The script automates the process of delegating mailbox access from a controlled email account to a target account, including adding and removing delegates.

The repository contains functional exploit code for CVE-2018-8581, specifically targeting Microsoft Exchange Server via an NTLM relay attack. The PoC includes Python scripts for exploiting the vulnerability and C++ source files for RPC client interactions.