Exchange 2019
Exchange 2019:- Finding hidden credentials after obtaining a shell
Many admins save credentials in text, log, and other file formats on servers. This can be a once-off thing where they are troubleshooting something, or they saved it there thinking it is in a safe place and because nobody has access to servers generally, only...
Exchange 2019:- Running BurpSuite against your server to identify potential issues
BurpSuite has a built-in scanner that allows you to scan a URL or URLs, and this will give you an output of which vulnerabilities or misconfigurations it found. A simple thing may be the SSL certificate on your Exchange server, while you may think this is not...
Exchange 2019:- ProxyToken Exploit
In three of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with "ProxyLogon", "ProxyShell" and "ProxyNotShell". As the exploit lists keep growing, we will look at the "ProxyToken" exploit. One of my many Exchange 2019 lab servers...
Windows Server 2022:- Bypassing Windows Defender with Nim
This article is about a YouTube video by "Tyler Ramsbey" that I used in my own environment to get a reverse shell from a Windows 2022 Server that is fully patched, and Windows Defender did not detect me. All credit goes to "Tyler" and to "Sn1r" who created the Nim...
Exchange 2019:- Install the November 2023 Security Update (KB5032146)
Microsoft released the November 2023 Security Update (SU) for Exchange Server 2019. To read about this update and more, you can head over to the URL below:...
Exchange 2019:- ECP_DLP_Policy Exploit
I have been covering some of the exploits in Exchange Server in a few of my blog posts and wanted to highlight the fact that I tested another one which allowed me to get a shell on the Exchange Server. Metasploit has a module for the above exploit which worked against...
Exchange 2019:- ProxyNotShell Exploit
In two of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with "ProxyLogon" and "ProxyShell". As the exploit lists keep growing, we will look at the "ProxyNotShell" exploit. One of my many Exchange 2019 lab servers was running...
Exchange 2019:- ProxyShell Exploit
In my previous blog post, we looked at the ProxyLogon exploit, where several CVEs could be used to exploit an Exchange Server. In this article, we will look at another exploit called "ProxyShell". The CVE for this vulnerability is "CVE-2021-34473". Let's head over to...
Exchange 2019:- ProxyLogon Exploit
Many of us know of the HAFNIUM attacks that took place a little while ago, in which many Exchange servers were compromised. The sad part is that many Exchange Servers are still unpatched and vulnerable to attack, maybe not to the CVEs listed below but to others as well. One...
Exchange 2019:- Using IISCrypto 3.3 with Exchange 2019 CU13
A few years back, I wrote a blog post for Exchange 2016 where we used IISCrypto to remove Protocols, Ciphers, Hashes, Key Exchanges, etc. that posed a security risk externally if the servers were published to the internet. However, upon running a newer release, it seemed...