Skip to content

GabTux/Proxylogon_POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
chopper.py
chopper.py
 
 
main.py
main.py
 
 
proxylogon.py
proxylogon.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

ProxyLogon Vulnerability Proof-of-Concept (POC)

Note: This project is only for educational and security testing purposes. Do not use this POC for malicious or unauthorized activities.

Overview

This project demonstrates a proof-of-concept (POC) for the ProxyLogon vulnerability in Microsoft Exchange Server. ProxyLogon is a critical security flaw identified in early 2021 and affects specific versions of Microsoft Exchange Server. This POC is intended for security researchers and system administrators to understand and mitigate the vulnerability.

This project is a part of my bachelor thesis at FIT CTU University. The thesis focuses on Proxylogon attacks, and this POC is integral to the research. The thesis, written in the Czech language, can be found here.

Usage

Example usage:

python3 main.py -t https://10.0.0.10 \
-e MegaCorpAdmin@megacorp.local \
-l "C:\\Program Files\\Microsoft\\Exchange
Server\\V15\\FrontEnd\\HttpProxy\\ecp\\auth\\EvilCorp.aspx" \
-x http://127.0.0.1:8080 \
-r "/ecp/auth/EvilCorp.aspx" \
-s EvilCorp

expl_pycharm_console_dark

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages