by edward | Dec 1, 2023 | Exchange 2019, Kali Linux, Windows Defender, Windows Server 2022
This article is about a YouTube video by “Tyler Ramsbey” that I used in my own environment to get a Reverse Shell from a Windows 2022 Server that is fully patched and Windows Defender did not detect me. All credit goes to “Tyler” and to...
by edward | Dec 1, 2023 | Exchange 2019
Microsoft released the November 2023 Security Update (SU) for Exchange Server 2019. To read about this update and more, you can head over to the URL below:...
by edward | Nov 30, 2023 | Exchange 2016, ECP_DLP_Policy, Exchange 2019, Kali Linux
I have been covering some of the exploits in Exchange Server in a few of my blog posts and wanted to highlight the fact that I tested another one which allowed me to get a shell on the Exchange Server. Metasploit has a module for the above exploit which worked against...
by edward | Nov 29, 2023 | Exchange 2016, Exchange 2013, Exchange 2019, Kali Linux, ProxyNotShell
In two of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with “ProxyLogon” and “ProxyShell”. As the exploit lists keep growing, we will look at the “ProxyNotShell” exploit. One of my many...
by edward | Nov 28, 2023 | Exchange 2016, CVE-2021-34473, Exchange 2019, Kali Linux, ProxyShell
In my previous blog post we looked at the Proxy Logon Exploit where several CVE’s could be used to exploit an Exchange Server. In this article we will look at another exploit called “ProxyShell”. The CVE for this vulnerability is...
by edward | Nov 27, 2023 | Exchange 2016, Exchange 2019, Hafnium, Kali Linux, ProxyLogon
Many of us know the HAFNIUM attacks that took place a little while ago and many Exchange servers were compromised. The sad part is that many Exchange Servers are still unpatched and vulnerable to attack, maybe not to the CVE’s listed below but to others as well....