by edward | Dec 26, 2023 | Exchange 2019, CVE-2023-23397, Kali Linux
In my Exchange 2019 lab, I tested out this exploit and it works which is scary. The POC listed Outlook 2013 and 2016 but it also worked for me on Outlook 2019. If you want to read about this POC, head over to GitHub here:...
by edward | Dec 25, 2023 | Exchange 2013
If you are still running Exchange 2013, don’t neglect your patching. I had not updated my lab servers in two (2) years and updated to the latest Cumulative Update (CU) and Security Update (SU) that is available. Patching ensures that you are secure with what has...
by edward | Dec 24, 2023 | Exchange 2016, Exchange 2019
In one of my lab servers, I was busy working on a project and email would just not send. I kept on getting the error below from the consoles output: Error with SMTP server… (451, b’4.7.0 Temporary server error. Please try again later. PRX2′) This...
by edward | Dec 23, 2023 | Exchange 2016, Exchange 2019, Google Captcha
In one of my recent blog posts, we covered brute forcing of the OWA page in Exchange 2019, this also applies to Exchange 2016 and Exchange 2013. If an attacker successfully gains access, they might access an account that has elevated privileges or given enough time,...
by edward | Dec 21, 2023 | PowerShell, SharpKiller, Windows Defender
I am constantly testing defender and other Anti-Virus products on what they detect and came across this nice tool called SharpKiller. Here is the link to the GitHub Repository where you can read all about it: https://wwwgithub.com/S1lkys/SharpKiller Windows Defender...