Share
## https://sploitus.com/exploit?id=4D11A641-A378-5AE3-8CCD-C45CFD453293
# CVE-2022-41082-POC
PoC for the CVE-2022-41082 NotProxyShell OWASSRF Vulnerability Effecting Microsoft Exchange Servers

This is Post-Auth RCE for ProxyNotShell OWASSRF, valid cardentials are needed for command execution.

# Affected versions
Exchange 2013,16,19 till 08.11.2022 patch
This exploit bypasses Microsoft Hotfix from October 2022

# Setup
```
pip install -r requirements.txt
```

# Running
```
usage: python poc.py [-H Target] [-u username] [-p "password"] [-c cmd_file]
python poc.py -H https://192.168.0.1 -u user2 -p "123QWEasd!@#" -c cmd_file'
```