CVE-2021-31207

This Metasploit module exploits the ProxyShell vulnerability chain (CVE-2021-31207, CVE-2021-34523, CVE-2021-34473) in Microsoft Exchange Server to achieve unauthenticated remote code execution by bypassing authentication, impersonating users, and writing arbitrary files.

This repository contains a functional exploit for the ProxyShell vulnerability chain (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) affecting Microsoft Exchange Server. The exploit automates the attack chain to achieve unauthenticated remote code execution by leveraging authentication bypass and arbitrary file write vulnerabilities.

This repository contains a functional exploit for the ProxyShell vulnerability chain (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) targeting Microsoft Exchange Server. The exploit merges two existing PoCs to achieve remote code execution by leveraging authentication bypass and arbitrary file write vulnerabilities.

This repository contains a functional exploit for CVE-2021-31207, targeting Microsoft Exchange Server via the ProxyShell vulnerability chain. It includes scripts to automate the exploitation process, delivering a webshell for remote code execution.

This repository contains functional exploit code for CVE-2021-31207, demonstrating ProxyShell vulnerabilities in Microsoft Exchange Server. The scripts include enumeration and RCE capabilities, leveraging autodiscover and EWS endpoints.

This repository contains a functional exploit for CVE-2021-31207, part of the ProxyShell vulnerability chain affecting Microsoft Exchange Server. The exploit demonstrates an authentication bypass and remote code execution by chaining SSRF and PowerShell remoting attacks.

This repository contains a scanner for detecting the Proxyshell vulnerability (CVE-2021-31207) in Microsoft Exchange Server. It includes a Python script and a Nuclei template to check for the presence of the vulnerability by sending a crafted request and checking for specific headers in the response.