what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Piotr B

SolarWinds Information Service (SWIS) Remote Command Execution

Posted Mar 28, 2023

Authored by Spencer McIntyre, Piotr B, Justin Hong, Lucas Miller | Site metasploit.com

The SolarWinds Information Service (SWIS) is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command execution as NT AUTHORITY\SYSTEM.

tags | exploit, remote, code execution

advisories | CVE-2022-38108

SHA-256 | fbc6c5c5be944eb52ce167a061f21875f137dc6101b3184bad8a0d10c9afd154

Download | Favorite | View

Microsoft Exchange ProxyNotShell Remote Code Execution

Posted Nov 30, 2022

Authored by Soroush Dalili, Spencer McIntyre, Orange Tsai, Rich Warren, Piotr B, DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q | Site metasploit.com

This Metasploit module chains two vulnerabilities on Microsoft Exchange Server that, when combined, allow an authenticated attacker to interact with the Exchange Powershell backend (CVE-2022-41040), where a deserialization flaw can be leveraged to obtain code execution (CVE-2022-41082). This exploit only supports Exchange Server 2019. These vulnerabilities were patched in November 2022.

tags | exploit, vulnerability, code execution

advisories | CVE-2022-41040, CVE-2022-41082

SHA-256 | 52e94b2539eeb923ed6dfcf33bf21788d037db18208e166670e34916d20844dd

Download | Favorite | View