CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-28 07:12:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
efebdd4f2d72a3494ec92163e9e88e00a3646b8a
CVEs-PoC/2021/CVE-2021-26855.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

262 lines
14 KiB
Markdown
Raw Blame History

### [CVE-2021-26855](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26855)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2021&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2022&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2023&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2013&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2014&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2015&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2017&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2018&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%203&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%204&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%205&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=15.00.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.01.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.02.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brightgreen)
### Description
Microsoft Exchange Server Remote Code Execution Vulnerability
### POC
#### Reference
- http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html
- http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html
- http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html
#### Github
- https://github.com/00011100/HAFHunt
- https://github.com/0ps/pocassistdb
- https://github.com/0xAbdullah/CVE-2021-26855
- https://github.com/0xmahmoudJo0/Check_Emails_For_CVE_2021_26855
- https://github.com/1342486672/Flangvik
- https://github.com/20142995/Goby
- https://github.com/20142995/nuclei-templates
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/34zY/APT-Backpack
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Ahsanzia/Exchange-Exploit
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Coldplay1517/Middleware-Vulnerability-detection-master
- https://github.com/DCScoder/Exchange_IOC_Hunter
- https://github.com/Dutch-Technology-eXperts/CSIRT
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/FDlucifer/Proxy-Attackchain
- https://github.com/FDlucifer/firece-fish
- https://github.com/Flangvik/SharpProxyLogon
- https://github.com/GhostTroops/TOP
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/HackingCost/AD_Pentest
- https://github.com/HaloX-Security/HaloX
- https://github.com/HimmelAward/Goby_POC
- https://github.com/Himnish/Cyber-9-12
- https://github.com/HubTou/oab
- https://github.com/Immersive-Labs-Sec/ProxyLogon
- https://github.com/JERRY123S/all-poc
- https://github.com/JERRY5410/HOMEWORK-FOR-ProxyLogon
- https://github.com/JFR-C/Windows-Penetration-Testing
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/KotSec/CVE-2021-26855-Scanner
- https://github.com/La3B0z/CVE-2021-26855-SSRF-Exchange
- https://github.com/LearnGolang/LearnGolang
- https://github.com/M-AAS/CSIRT
- https://github.com/MacAsure/cve-2021-26855
- https://github.com/Madbat2024/Penetration-test
- https://github.com/MicahFleming/Risk-Assessment-Cap-Stone-
- https://github.com/Mr-xn/CVE-2021-26855-d
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NTUTtopicBryan/NTUT_HomeWork
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NarbehJackson/python-flask-ssrfpdf-to-lfi
- https://github.com/Nick-Yin12/106362522
- https://github.com/NoTsPepino/Shodan-Dorking
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PEASEC/msexchange-server-cti-dataset
- https://github.com/PhantomMist271/cybersecurity-task-3-vulnerability-scan
- https://github.com/R0XDEADBEEF/CVE-2021-26855
- https://github.com/Ratlesv/LadonGo
- https://github.com/RickGeex/ProxyLogon
- https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
- https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day
- https://github.com/SYRTI/POC_to_review
- https://github.com/Seeps/shellcollector
- https://github.com/SexyBeast233/SecBooks
- https://github.com/ShyTangerine/cve-2021-26855
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/SotirisKar/CVE-2021-26855
- https://github.com/SpearTip-Cyber-Counterintelligence/Zirconium
- https://github.com/Staubgeborener/stars
- https://github.com/T0mcat3r/ALinks
- https://github.com/TaroballzChen/ProxyLogon-CVE-2021-26855-metasploit
- https://github.com/Th3eCrow/CVE-2021-26855-SSRF-Exchange
- https://github.com/TheDudeD6/ExchangeSmash
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/Udyz/Proxylogon
- https://github.com/Vluthor/Threat-Detection-SOC-Analysis
- https://github.com/WhileEndless/NucleiTemplateDocumentation
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WiredPulse/Invoke-HAFNIUMCheck.ps1
- https://github.com/Yt1g3r/CVE-2021-26855_SSRF
- https://github.com/Z0fhack/Goby_POC
- https://github.com/ZTK-009/LadonGo
- https://github.com/ZephrFish/Exch-CVE-2021-26855
- https://github.com/ZephrFish/Exch-CVE-2021-26855_Priv
- https://github.com/adarshpv9746/Microsoft-Proxylogon
- https://github.com/andyinmatrix/PowerShell
- https://github.com/anquanscan/sec-tools
- https://github.com/apachecn-archive/Middleware-Vulnerability-detection
- https://github.com/avi8892/CVE-2021-26856
- https://github.com/aymankhder/Windows-Penetration-Testing
- https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform
- https://github.com/barkandbite/iranian-apt-detection
- https://github.com/bhassani/Recent-CVE
- https://github.com/binganao/vulns-2022
- https://github.com/boson87225/111
- https://github.com/byinarie/Zirconium
- https://github.com/catmandx/CVE-2021-26855-Exchange-RCE
- https://github.com/cert-lv/exchange_webshell_detection
- https://github.com/certat/exchange-scans
- https://github.com/charlottelatest/CVE-2021-26855
- https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855
- https://github.com/cryptolakk/ProxyLogon-Mass-RCE
- https://github.com/ct-scorch/Security-Assessment-Findings-Report
- https://github.com/cyb0rgdoll/reconresource
- https://github.com/cyb3r-w0lf/nuclei-template-collection
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/cyware-labs/Operation-Exchange-Marauder
- https://github.com/danyk20/pentest
- https://github.com/deepinstinct/Israel-Cyber-Warfare-Threat-Actors
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/doris0213/Proxy-Logon
- https://github.com/dwisiswant0/proxylogscan
- https://github.com/evilashz/ExchangeSSRFtoRCEExploit
- https://github.com/getanehAl/Windows-Penetration-Testing
- https://github.com/glen-pearson/ProxyLogon-CVE-2021-26855
- https://github.com/h4x0r-dz/CVE-2021-26855
- https://github.com/hackerschoice/CVE-2021-26855
- https://github.com/hackerxj007/CVE-2021-26855
- https://github.com/hakivvi/proxylogon
- https://github.com/heikanet/Microsoft-Exchange-RCE
- https://github.com/helsecert/2021-march-exchange
- https://github.com/herwonowr/exprolog
- https://github.com/hictf/CVE-2021-26855-CVE-2021-27065
- https://github.com/hktalent/Scan4all_Pro
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/hosch3n/ProxyVulns
- https://github.com/huike007/penetration_poc
- https://github.com/huisetiankong478/penetration_poc
- https://github.com/iceberg-N/cve-2021-26855
- https://github.com/itscio/LadonGo
- https://github.com/jbmihoub/all-poc
- https://github.com/jweny/pocassistdb
- https://github.com/k0imet/CVE-POCs
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/k8gege/LadonGo
- https://github.com/kh4sh3i/ProxyLogon
- https://github.com/kh4sh3i/exchange-penetration-testing
- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lishuo1999/SK15_Forensic_Project
- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
- https://github.com/malwaremily/infosec-news-briefs
- https://github.com/manas3c/CVE-POC
- https://github.com/mauricelambert/ExchangeWeaknessTest
- https://github.com/mekhalleh/exchange_proxylogon
- https://github.com/meltingscales/DragonShard
- https://github.com/micaelarg/vulnerability_scanner_public
- https://github.com/mil1200/ProxyLogon-CVE-2021-26855
- https://github.com/mr-yeet/RistBSs_Awesome-RedTeam-Cheatsheet
- https://github.com/mrhili/CVE-SEARCH-NVD
- https://github.com/mysticwayfarer1/Exchange-HAFNIUM
- https://github.com/naufalqwe/proxylogscan-master
- https://github.com/netlas-io/MsExchangeServerVersionCheck
- https://github.com/nitinsanap95-hash/Elevate-Lab-Task-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nullfuzz-pentest/shodan-dorks
- https://github.com/nullx3d/PaypScan
- https://github.com/p0wershe11/ProxyLogon
- https://github.com/password520/LadonGo
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/praetorian-inc/proxylogon-exploit
- https://github.com/pussycat0x/CVE-2021-26855-SSRF
- https://github.com/pwnlog/ALinks
- https://github.com/pwnlog/PAD
- https://github.com/pwnlog/PuroAD
- https://github.com/pwnlog/PurpAD
- https://github.com/r0ckysec/CVE-2021-26855_Exchange
- https://github.com/r0eXpeR/redteam_vul
- https://github.com/r0eXpeR/supplier
- https://github.com/r0xDB/CVE-2021-26855
- https://github.com/r0xdeadbeef/CVE-2021-26855
- https://github.com/raheel0x01/CVE-2021-26855
- https://github.com/retr0-13/proxy_Attackchain
- https://github.com/revjkee/aethernova
- https://github.com/saucer-man/exploit
- https://github.com/seanjosee/NTUT_HOMEWORK
- https://github.com/sgnls/exchange-0days-202103
- https://github.com/shacojx/CVE-2021-26855-exploit-Exchange
- https://github.com/shacojx/CVE_2021_26855_SSRF
- https://github.com/shacojx/Scan-Vuln-CVE-2021-26855
- https://github.com/shanyuhe/YesPoc
- https://github.com/shengshengli/LadonGo
- https://github.com/soosmile/POC
- https://github.com/soteria-security/HAFNIUM-IOC
- https://github.com/sotiriskar/CVE-2021-26855
- https://github.com/srvaccount/CVE-2021-26855-PoC
- https://github.com/ssrsec/Microsoft-Exchange-RCE
- https://github.com/stressboi/hafnium-exchange-splunk-csvs
- https://github.com/superfish9/pt
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/thau0x01/poc_proxylogon
- https://github.com/timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txt
- https://github.com/trhacknon/Pocingit
- https://github.com/triw0lf/Security-Matters-22
- https://github.com/txuswashere/Cybersecurity-Handbooks
- https://github.com/tzwlhack/Vulnerability
- https://github.com/vehemont/nvdlib
- https://github.com/vidura2/Shodan-Quest
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yaoxiaoangry3/Flangvik
- https://github.com/youwizard/CVE-POC
- https://github.com/zainimran/Capstone-MISP-Module
- https://github.com/zecool/cve
- https://github.com/zhibx/fscan-Intranet
- https://github.com/zhoubingyan1/Golang-Learning
- https://github.com/zhzyker/vulmap
Reference in New Issue View Git Blame Copy Permalink