proxyshell-poc's Introduction
proxyshell-poc's People
Forkers
fsacer askyeye lazydreamerboy rvrsh3ll agowa sleepyeinstein jermainlaforce tongxue223 p3t3rp4rk3r jeningogo crackercat udyz zhouzu gitttttbottttt phuong39 iiiusky lsr00ter k4k4 wudicainiao dinihou funnydog896 irsdl slurpgeit meannogreen dcmjid curtishoughton mabangde cephurs pu55yf3r virgilcj datntsec bb33bb shanfenglan st-lucifer 3m1za4 potat0chips badguy0827 whichbuffer lex1010 r3dc4t0x00 team-firebugs chivrs supejkj changheluor007 astring0 jack51706 ashr kkin77 fengzihk prettyrecon w1kyri3 wayc0des-land babywyrm b1naryxx cafa1 shantanu561993 zha0 akpotter legionxkp byt3d3f3nd3r gysf666 filipesam qlng ylh666 hartl3y94 yijinglab fbion rassec budtit hstarrr saucer-man fireinthehole2019 weiwhy 5l1v3r1 sonofapharmacist hittergo mohams3c mollaahmadi fdlucifer tgaout eeenvik1 nickswink juanschallibaum 0rx1 badguy233 justinforbes jeromeyoung ammasajan as4mir abramas jeffchan69 krizalchen zlgxzswjy bitbob-cmd mochizuki3310 aluminum5 adrenaline6 ofirsw sts0mrg0 tonyscyproxyshell-poc's Issues
i need help
What's the password about weshell, please
TypeError: tostring() got an unexpected keyword argument 'xml_declaration'
Tried running on our network and received this error.
Command was python3 proxyshell.py -u x.x.x.x -e [email protected]
Traceback (most recent call last):
File "proxyshell.py", line 247, in
main()
File "proxyshell.py", line 236, in main
exploit(proxyshell)
File "proxyshell.py", line 180, in exploit
proxyshell.get_legacydn()
File "proxyshell.py", line 109, in get_legacydn
data = self.autodiscover_body()
File "proxyshell.py", line 137, in autodiscover_body
xml_declaration=False
TypeError: tostring() got an unexpected keyword argument 'xml_declaration'
shellid
The following error keeps getting:
The request for the Windows Remote Shell with ShellId D5C38865-CC9C-4B0D-A218-916D3C42288C failed because the shell was not found on the server. Possible causes are: the specified ShellId is incorrect or the shell no longer exists on the server. Provide the correct ShellId or create a new shell and retry the operation.
Lead to getshell is 404 or can get shell。
make automatic
hi bro,
if it is possible please add this module:
https://github.com/Udyz/Automatic-Proxylogon-Exploit
to find email automatically and exploit it with getting shell tnx
Error when dropshell
I have this message when dropshell. Please give me a guide or something to solve this problem
"The name must be unique per mailbox. There isn't a default name available for a new request owned by mailbox 'Administrator'. Please clean up existing requests by using the Remove cmdlet or specify a unique name"
Get shell but unable to execute any commands
Hi,
Thank you for your effort writing this POC!
However, when I try this against Exchange Server 2019 CU 8 I get a shell but no commands work. If I try executing "whoami" the error I get is "The term 'whoami.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again". If I try checking if constrained language mode is enabled using "$ExecutionContext.SessionState.LanguageMode" I get the error "A variable that cannot be referenced in restricted language mode or a Data section is being referenced. Variables that can be referenced include the following: $PSCulture, $PSUICulture, $true, $false, $null.". This reply is strange since I have double checked if constrained language mode is enabled on the Exchange server and it is not.
See the attached picture for more information.
Is there anything I can do to fix this?
Thanks!
XML ParseError error
Anyone can fix this error ?!
Traceback (most recent call last):
File "proxyshell_rce.py", line 369, in <module>
main()
File "proxyshell_rce.py", line 349, in main
exploit(proxyshell)
File "proxyshell_rce.py", line 179, in exploit
proxyshell.get_legacydn()
File "proxyshell_rce.py", line 117, in get_legacydn
autodiscover_xml = ET.fromstring(r.content)
File "/usr/lib/python3.8/xml/etree/ElementTree.py", line 1321, in XML
return parser.close()
xml.etree.ElementTree.ParseError: no element found: line 1, column 0
使用dropshell命令后,重复请求
help
hay
create template nuclei
CreateItem Content encode\decode function
hi
how can change content of attachment?
mpbbCrypt = [65, 54, 19, 98, 168, 33, 110, 187, 244, 22, 204, 4, 127, 100, 232, …]
encode_table = bytes.maketrans((bytearray(mpbbCrypt), bytearray(range(256)))
'<%@ Page Language="Jscript"%>…'.translate(encode_table)
I want put my own payload to attachment
New-ManagementRoleAssignment error
127.0.0.1 - - [16/Aug/2021 15:43:22] "POST /wsman HTTP/1.1" 200 -
OUTPUT:
ERROR:
The term 'New-ManagementRoleAssignment' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
All command is not recognized
I have a problem with PS CLI, when I enter any command - it is not recognized.
PS> whoami
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:19] "POST /wsman HTTP/1.1" 200 -
OUTPUT:
ERROR:
The term 'whoami.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
PS> get-module
127.0.0.1 - - [17/Aug/2021 08:54:38] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:39] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:39] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:39] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:40] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:40] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Aug/2021 08:54:40] "POST /wsman HTTP/1.1" 200 -
OUTPUT:
ERROR:
The term 'Get-Module' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Any ideas why this is happening?
All the process was success but cant run any cmd/powershell command
Someone here solve the issue ?
PS> whoami
[+] Created powershell session on abc.test.wh
127.0.0.1 - - [17/Nov/2021 12:01:10] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Nov/2021 12:01:11] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Nov/2021 12:01:11] "POST /wsman HTTP/1.1" 200 -
[-] Load balanced to wrong server: abc2.test.wh
[-] Load balanced to wrong server: abc2.test.wh
127.0.0.1 - - [17/Nov/2021 12:01:12] "POST /wsman HTTP/1.1" 200 -
[-] Load balanced to wrong server: abc2.test.wh
127.0.0.1 - - [17/Nov/2021 12:01:13] "POST /wsman HTTP/1.1" 200 -
127.0.0.1 - - [17/Nov/2021 12:01:13] "POST /wsman HTTP/1.1" 200 -
[+] PS> whoami
OUTPUT:
ERROR:
The term 'whoami.exe' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
[-] Load balanced to wrong server: abc2.test.wh
127.0.0.1 - - [17/Nov/2021 12:01:14] "POST /wsman HTTP/1.1" 200 -
PS>
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.