Exploit for Deserialization of Untrusted Data in Microsoft CVE-2022-41082

Name: Exploit for Deserialization of Untrusted Data in Microsoft CVE-2022-41082
Rating: 5 (205 reviews)

2022-12-22 | CVSS 5.2

## https://sploitus.com/exploit?id=DF35E634-51B1-5A30-AB0B-8518E3754609
# CVE-2022-41082-POC
PoC for the CVE-2022-41082 NotProxyShell OWASSRF Vulnerability Effecting Microsoft Exchange Servers

This is Post-Auth RCE for ProxyNotShell OWASSRF, valid cardentials are needed for command execution.

# Added the Powershell PoC script for TabShell Vulnerability (CVE-2022-41076)
The TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.

# Affected versions
Exchange 2013,16,19 till 08.11.2022 patch
This exploit bypasses Microsoft Hotfix from October 2022

# Setup
```
pip install -r requirements.txt
```

# Running
```
usage: python poc.py [-H Target] [-u username] [-p "password"] [-c cmd_file]
python poc.py -H https://192.168.0.1 -u user2 -p "123QWEasd!@#" -c cmd_file'
```