CVE-2022-41082

This repository contains a functional PoC for CVE-2022-41082, a post-auth RCE vulnerability in Microsoft Exchange (ProxyNotShell OWASSRF). It includes a Python script to exploit the vulnerability and a PowerShell script (TabShell.ps1) for privilege escalation via CVE-2022-41076.

This repository provides an Nmap NSE script to detect the presence of CVE-2022-41082, a Microsoft Exchange vulnerability. It checks for virtual patching or workarounds but does not include exploit code for achieving RCE.

This repository provides an Nmap NSE script to scan for CVE-2022-41082, a Microsoft Exchange Server Remote Code Execution Vulnerability. It includes instructions for checking both HTTP and HTTPS endpoints.

This repository contains a Python-based PoC for CVE-2022-41082, an OWASSRF vulnerability in Microsoft Exchange servers. The exploit bypasses authentication and executes arbitrary commands via PowerShell, potentially leading to remote code execution (RCE).

This YAML file is a Nuclei template designed to detect CVE-2022-41082, a Microsoft Exchange Server vulnerability, by sending a crafted HTTP request to the autodiscover endpoint and checking for specific response patterns (401 status and 'x-owa-version' header). It does not contain exploit code but serves as a detection mechanism.

This repository contains a functional PoC for CVE-2022-41082, a post-auth RCE vulnerability in Microsoft Exchange (ProxyNotShell OWASSRF). It includes a Python script for exploitation and a PowerShell script (TabShell.ps1) for privilege escalation via CVE-2022-41076.

This repository is a detailed writeup and incident report on an attempted exploitation of CVE-2022-41082, a critical RCE vulnerability in Microsoft Exchange Server. It includes analysis of the attack, mitigation strategies, and detection methods.

This repository provides an Nmap script to scan for CVE-2022-41082, a vulnerability in Microsoft Exchange Server. It does not include exploit code but offers a detection method for both HTTP and HTTPS services.

The repository contains a script that automates domain discovery and Nmap scanning for CVE-2022-41082 (ProxyNotShell) using a custom NSE script. It does not include functional exploit code but aids in vulnerability detection.

This Metasploit module exploits CVE-2022-41040 (SSRF) and CVE-2022-41082 (deserialization) to achieve RCE on Microsoft Exchange Server 2019 via authenticated Powershell backend interaction.

This repository contains a Python-based scanner for detecting CVE-2022-40140 and CVE-2022-41082 (NotProxyShell) vulnerabilities in Microsoft Exchange Server. It sends crafted HTTP requests to the target and checks for specific response patterns to determine potential vulnerability.