TaroballzChen / CVE-2022-41040-metasploit-ProxyNotShell
the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
☆36Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for CVE-2022-41040-metasploit-ProxyNotShell
- proxyshell payload generate☆72Updated 3 years ago
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆77Updated 2 years ago
- PoC for ManageEngine ADAudit Plus CVE-2022-28219☆44Updated 2 years ago
- A Mimikatz For Only Extracting Login Passwords.(Bypasses Most AV's)☆59Updated 2 years ago
- wo ee cve-2022-2185 gitlab authenticated rce☆77Updated 2 years ago
- resource-based constrained delegation RBCD☆43Updated 2 years ago
- dump lsass tool☆39Updated 2 years ago
- Asset scanning by dictionary stitching Domain to identify Exchange Servers versions☆44Updated last year
- Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC☆40Updated last year
- CVE-2021-42287/CVE-2021-42278 exploits in powershell☆37Updated 2 years ago
- ☆101Updated 2 years ago
- The king of shell -Javaweb Memory Shell☆22Updated last year
- dump lsass☆36Updated 2 years ago
- A Custom CLR Assembly for MSSQL of the popular tool GodPotato☆70Updated last year
- SystemGap - Maintenance Tools after privilege escalation☆40Updated 4 months ago
- The poc for CVE-2022-26809 RCE via RPC will be updated here.☆20Updated 2 years ago
- Exchange ProxyRelay POC☆36Updated 2 years ago
- CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection☆32Updated 2 years ago
- ☆25Updated 2 years ago
- XSTREAM<=1.4.17漏洞复现(CVE-2021-39141、CVE-2021-39144、CVE-2021-39150)☆61Updated 3 years ago
- badusb联动cobaltrstrike近源攻击☆26Updated 3 years ago
- TeamServer.prop is an optional properties file used by the Cobalt Strike teamserver to customize the settings used to validate screenshot…☆62Updated 3 months ago
- Covers the Arsenal for the BlackHat☆14Updated 2 months ago
- Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)☆69Updated 2 years ago
- Red TL;DR Database is a set of text data that provides search for red-tldr. If you don’t know red-tldr yet, please read the documentation…☆42Updated 2 years ago
- Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587☆40Updated 2 years ago
- 模拟cobalt strike beacon上线包. Simulation cobalt strike beacon connection packet.☆79Updated 2 years ago
- CobaltStrike Malleable Profile☆23Updated 2 years ago