CVE-2022-41040
HIGH KEV RANSOMWARE
Microsoft Exchange ProxyNotShell RCE
Title source: metasploit
Exploitation Summary
CVE-2022-41040 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added September 30, 2022, with confirmed use in ransomware campaigns.
EIP tracks 11 public exploits from researchers including kljunowsky, TaroballzChen and numanturle, among them a Metasploit module, exploits/windows/http/exchange_proxynotshell_rce.
Description
Microsoft Exchange Server Elevation of Privilege Vulnerability
Exploits (11)
This PoC demonstrates CVE-2022-41040, an SSRF vulnerability in Microsoft Exchange Server. It uses `unfurl` and `ffuf` to craft and send malicious requests to target URLs, replacing a placeholder with an attacker-controlled out-of-band (OOB) domain for detection.
This is a Metasploit module for CVE-2022-41040, an SSRF vulnerability in Microsoft Exchange Server. It includes functionality to test for the vulnerability using DNS callbacks and various payloads.
This repository provides a Nuclei template for detecting CVE-2022-41040, an SSRF vulnerability in Microsoft Exchange Server. The template sends a crafted HTTP request to the Autodiscover endpoint to test for the vulnerability.
This repository contains a PowerShell script designed to scan for Indicators of Compromise (IOCs) related to CVE-2022-41040 and CVE-2022-41082 (ProxyNotShell vulnerabilities). It checks logs for malicious patterns, known malicious IPs, and post-exploit files.
This repository contains a Python-based scanner for CVE-2022-41040, which tests for the presence of the vulnerability by sending a crafted HTTP request to the target server. The scanner checks the response status code to determine if the target is vulnerable.
This PowerShell script is a mitigation tool for CVE-2022-41040, an Exchange Server vulnerability. It applies URL rewrite rules to mitigate the vulnerability and includes functionality to rollback mitigations if needed.
This repository contains a Python script that checks for the presence of CVE-2022-41040, a server-side request forgery (SSRF) vulnerability in Microsoft Exchange. The script sends HTTP requests to a list of URLs and checks for a 404 status code with 'IIS Web Core' in the response to determine vulnerability.
This PoC demonstrates an SSRF vulnerability in Microsoft Exchange Server (CVE-2022-41040) by sending crafted requests to the Autodiscover endpoint and checking for callbacks to a collaborator server. It can also test internal URL access if provided.
This repository contains a PowerShell script (EOMTv2.ps1) designed to mitigate CVE-2022-41040, a vulnerability in Microsoft Exchange Server. The script applies URL rewrite rules to block known attack patterns and includes functionality to rollback mitigations if needed.
This Metasploit module exploits CVE-2022-41040 (SSRF) and CVE-2022-41082 (deserialization) to achieve RCE on Microsoft Exchange Server 2019. It chains SSRF to access the PowerShell backend and leverages a .NET deserialization gadget for code execution.
This repository contains a functional exploit PoC for CVE-2022-41040 and CVE-2022-41082 (ProxyNotShell), targeting Microsoft Exchange Server. The exploit leverages PowerShell remoting to achieve remote code execution by crafting malicious SOAP requests.
References (6)
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H