CVE-2023-29357

This repository contains a functional Python exploit for CVE-2023-29357, a privilege escalation vulnerability in Microsoft SharePoint Server. The exploit impersonates authenticated users by crafting a JWT token with spoofed claims, allowing elevation to admin privileges.

This repository contains a functional C# exploit for CVE-2023-29357, which targets a SharePoint authentication bypass vulnerability. The exploit fetches the Realm, forges a JWT to authenticate as app@sharepoint, and impersonates users with SiteAdmin privileges.

The repository provides minimal details about CVE-2023-29357, focusing on environment setup and pointing to an external GitHub repository for the actual exploit. It lacks technical depth or exploit code, instead offering vague instructions and download links.

The repository lacks actual exploit code and only provides a vague usage example with a screenshot link. No technical details or code are included, making it a potential lure.

The repository contains a Python script that checks if a Microsoft SharePoint Server is vulnerable to CVE-2023-29357 by attempting to exploit an authentication bypass via a crafted JWT token. It does not execute arbitrary code but confirms vulnerability status.

This exploit demonstrates CVE-2023-29357, a SharePoint spoofing vulnerability, by crafting JWT tokens with 'alg: none' to impersonate admin users. It authenticates and spoofs admin identities via SharePoint's API endpoints.

This repository provides a detailed SOC case analysis of CVE-2023-29357, a privilege escalation vulnerability in Microsoft SharePoint Server. It includes log analysis, process investigation, and response procedures but lacks functional exploit code.