by edward | Dec 4, 2023 | Exchange 2019, BurpSuite
BurpSuite has a scanner builtin that allows you to scan a URL or URLs and this will give you an output of what is vulnerabilities or misconfigurations are set. A simple thing may be the SSL certificate on your Exchange server, while you may think this is not...
by edward | Dec 2, 2023 | Exchange 2016, CVE-2021-33766, Exchange 2019, Kali Linux, ProxyToken
In three of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with “ProxyLogon”, “ProxyShell” and “ProxyNotShell”. As the exploit lists keep growing, we will look at the “ProxyToken”...
by edward | Nov 15, 2023 | Exchange 2016
As an IT Admin, mailbox migrations are a constant thing. Moving users to new databases because you have a new database or you trying clean up and old one with few users, or simply moving to Microsoft 365, there are times when things error out. Errors are not always...
by edward | Nov 10, 2023 | Exchange 2016
Sometimes the event logs on Exchange servers throw up errors or warnings that do not appear again. The event ID, 4002 for MSExchange Availability is a broad error/warning/informational alert. Looking a the error below, a Proxy request failed with an HTTP status code...
by edward | Nov 8, 2023 | Exchange 2016
As everything relies heavily on DNS and the ability to resolve names to IP’s etc., if your DNS upstream is not working or something firewall/internally is not working, things do not always function as they should and you are presented with false positives. A...