search

TaroballzChen / CVE-2022-41040-metasploit-ProxyNotShell

the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.
36 stars 15 forks source link

No results from search #1

Open financialeducation opened 1 year ago

financialeducation commented 1 year ago

Msfconsole doesn't recognise the imported auxiliary/scanner/ Here is what I did

https://i.imgur.com/pnXMuz0.png

1) git clone https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell.git 2) cd CVE-2022-41040-metasploit-ProxyNotShell 3) mkdir -p ~/.msf4/modules/auxiliary/scanner/http 4) cp microsoft_exchange_server_proxynotshell_ssrf.py ~/.msf4/modules/auxiliary/scanner/http/ 5) chmod +x ~/.msf4/modules/auxiliary/scanner/http/microsoft_exchange_server_proxynotshell_ssrf.py 6) msfconsole 7) search microsoft_exchange_server_proxynotshell_ssrf [-] No results from search

msf6 > search microsoft exchange


Matching Modules
================

   #   Name                                                          Disclosure Date  Rank       Check  Description
   -   ----                                                          ---------------  ----       -----  -----------
   0   exploit/windows/http/exchange_ecp_viewstate                   2020-02-11       excellent  Yes    Exchange Control Panel ViewState Deserialization
   1   auxiliary/scanner/http/exchange_web_server_pushsubscription   2019-01-21       normal     No     Microsoft Exchange Privilege Escalation Exploit
   2   auxiliary/gather/exchange_proxylogon_collector                2021-03-02       normal     No     Microsoft Exchange ProxyLogon Collector
   3   exploit/windows/http/exchange_proxylogon_rce                  2021-03-02       excellent  Yes    Microsoft Exchange ProxyLogon RCE
   4   auxiliary/scanner/http/exchange_proxylogon                    2021-03-02       normal     No     Microsoft Exchange ProxyLogon Scanner
   5   exploit/windows/http/exchange_proxyshell_rce                  2021-04-06       excellent  Yes    Microsoft Exchange ProxyShell RCE
   6   exploit/windows/http/exchange_chainedserializationbinder_rce  2021-12-09       excellent  Yes    Microsoft Exchange Server ChainedSerializationBinder RCE
   7   exploit/windows/http/exchange_ecp_dlp_policy                  2021-01-12       excellent  Yes    Microsoft Exchange Server DlpUtils AddTenantDlpPolicy RCE
   8   exploit/linux/local/cve_2021_38648_omigod                     2021-09-14       excellent  Yes    Microsoft OMI Management Interface Authentication Bypass
   9   auxiliary/gather/office365userenum                            2018-09-05       normal     No     Office 365 User Enumeration
   10  auxiliary/scanner/http/owa_iis_internal_ip                    2012-12-17       normal     No     Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure
   11  post/windows/gather/exchange                                                   normal     No     Windows Gather Exchange Server Mailboxes

Interact with a module by name or index. For example info 11, use 11 or use post/windows/gather/exchange
financialeducation commented 1 year ago

tail ./../logs/framework.log

[11/14/2022 17:38:46] [e(0)] core: Unexpected output running /root/.msf4/modules/auxiliary/scanner/http/microsoft_exchange_server_proxynotshell_ssrf.py: /usr/local/lib/python3.10/dist-packages/requests-2.20.0-py3.10.egg/requests/init.py:89: RequestsDependencyWarning: urllib3 (1.26.5) or chardet (4.0.0) doesn't match a supported version! warnings.warn("urllib3 ({}) or chardet ({}) doesn't match a supported "

financialeducation commented 1 year ago

after removing pip uninstall urllib3 this is the error I am getting

/.msf4/modules# tail ./../logs/framework.log from distutils.version import StrictVersion

[11/16/2022 11:57:07] [d(0)] core: HistoryManager.push_context name: :msfconsole [11/16/2022 11:58:25] [d(0)] core: HistoryManager.pop_context name: :msfconsole [11/16/2022 11:58:30] [e(0)] core: Failed to connect to the database: No database YAML file [11/16/2022 11:58:43] [e(0)] core: Unexpected output running /opt/metasploit-framework/embedded/framework/modules/exploits/linux/smtp/haraka.py: /opt/metasploit-framework/embedded/framework/modules/exploits/linux/smtp/haraka.py:14: DeprecationWarning: The distutils package is deprecated and slated for removal in Python 3.12. Use setuptools or check PEP 632 for potential alternatives from distutils.version import StrictVersion