Closed financialeducation closed 1 year ago
There's probably something wrong with the Python module and hosting environment. #17267 adds a native Metasploit module for the same vulnerability though that includes an exploit instead of just checking for the SSRF.
Msfconsole doesn't recognise the imported auxiliary/scanner/ Here is what I did
https://i.imgur.com/pnXMuz0.png
git clone https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell.git cd https://github.com/advisories/GHSA-6ph7-8wxv-6gf2-metasploit-ProxyNotShell mkdir -p ~/.msf4/modules/auxiliary/scanner/http cp microsoft_exchange_server_proxynotshell_ssrf.py ~/.msf4/modules/auxiliary/scanner/http/ chmod +x ~/.msf4/modules/auxiliary/scanner/http/microsoft_exchange_server_proxynotshell_ssrf.py msfconsole search microsoft_exchange_server_proxynotshell_ssrf [-] No results from search msf6 > search microsoft exchange
after removing pip uninstall urllib3 this is the error I am getting