Share
## https://sploitus.com/exploit?id=B41E439D-5EE2-52CC-8023-C57C540FB59C
Recreation of the SharePoint PoC for CVE-2023-29357 in C# with lots of help from ChatGPT.  
Build with .Net Version 4.7.2 in Visual Studio 2017   
Use NuGet Package manager to install any missing packages  
Yara rules for detection below  

Usage:  
```
CVE-2023-29357.exe http(s)://yoursharepoint.lol [-v]
```
![image](https://github.com/LuemmelSec/CVE-2023-29357/assets/58529760/eaa72166-7644-458c-8aeb-791d9e5fd205)

Huge shoutout to:  
[Jang](https://twitter.com/testanull) for being very supportive with explainations on exploit steps and his huge writeup:  
https://testbnull.medium.com/p2o-vancouver-2023-v%C3%A0i-d%C3%B2ng-v%E1%BB%81-sharepoint-pre-auth-rce-chain-cve-2023-29357-cve-2023-24955-ed97dcab131e  

[WhiteKnight](https://twitter.com/Chocapikk_) for his support and the Python exploit:  
https://github.com/Chocapikk/CVE-2023-29357  

[Florian Roth](https://twitter.com/cyb3rops) for his immediate efforts to provide YARA rules to help you protect against the usage of the current exploits:  
https://twitter.com/cyb3rops/status/1707678149448700270  
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_sharepoint_cve_2023_29357.yar