96da805014
Fix enumerating emails via ProxyShell
...
The ResolveNames endpoint used to gather emails addresses for targeting
only returns 100 at a time. This updates the module to check if the
search result contains all entries and when it does, it recurses into
itself with a refined search prefix. All results are returned to match
the original functionality instead of enumerating and halting once one
that's suitable for exploitation has been found.
2022-12-02 15:58:50 -05:00
264d45e04a
Appease rubocop
2022-11-28 10:16:55 -05:00
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
527057c700
Updated user agent strings in some modules where it shouldn't impact exploitability
2021-11-10 11:12:38 +11:00
33da289a9c
Print stderr when it's not blank
2021-08-31 09:18:11 -04:00
95015f0c2b
Update the ProxyShell module docs
2021-08-27 17:50:28 -04:00
425dcf1f81
Cleanup and refactor the exploit logic
2021-08-27 17:26:40 -04:00
965dec43ae
Delete the draft email
2021-08-27 16:59:17 -04:00
0b3b0aab7d
Fix the UNC path conversion regex
2021-08-27 15:56:58 -04:00
5e32ca9f56
Improve error checks and dont use whoami
2021-08-27 15:52:34 -04:00
c4cf99795e
Remove the requirement on knowing an email address
2021-08-27 15:34:51 -04:00
845c01f27f
Store the enumerated mailbox email addresses
2021-08-27 15:07:13 -04:00
6c01a0dbea
Work off of the system mailbox
2021-08-27 14:32:26 -04:00
d5fdcb8fcb
Add the plumbing to enumerate email addresses
2021-08-27 11:44:27 -04:00
0a06730802
Update contributors
2021-08-19 10:30:21 -05:00
84f8c44e69
Write to the targeted backend server
2021-08-18 12:34:40 -04:00
75e63992d6
Write an exploit for ProxyShell
2021-08-18 10:50:34 -04:00
Spencer McIntyre