Open certrik opened 2 years ago
@CronUp @LuemmelSec
Looking at https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9
payload_bypass3 = "/autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell/autodiscover.json"
would do the trick, if I am right.
Hi,
does the script also test the latest bypass which was fixed on the 8th of October? https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Thank you.