2021-03-03 16:09:26 +01:00
[
{
"id" : 344161221 ,
"name" : "exchange-0days-202103" ,
"full_name" : "sgnls\/exchange-0days-202103" ,
"owner" : {
"login" : "sgnls" ,
"id" : 11134228 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/11134228?v=4" ,
"html_url" : "https:\/\/github.com\/sgnls"
} ,
"html_url" : "https:\/\/github.com\/sgnls\/exchange-0days-202103" ,
"description" : "IoC determination for exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065." ,
"fork" : false ,
"created_at" : "2021-03-03T14:50:16Z" ,
2021-03-15 16:09:38 +01:00
"updated_at" : "2021-03-15T11:42:08Z" ,
"pushed_at" : "2021-03-15T11:42:06Z" ,
2021-03-12 22:09:57 +01:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
"forks_count" : 4 ,
"forks" : 4 ,
"watchers" : 5 ,
2021-03-03 22:09:45 +01:00
"score" : 0
} ,
{
"id" : 344210374 ,
"name" : "HAFNIUM-IOC" ,
"full_name" : "soteria-security\/HAFNIUM-IOC" ,
"owner" : {
"login" : "soteria-security" ,
"id" : 49722282 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/49722282?v=4" ,
"html_url" : "https:\/\/github.com\/soteria-security"
} ,
"html_url" : "https:\/\/github.com\/soteria-security\/HAFNIUM-IOC" ,
"description" : "A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865" ,
"fork" : false ,
"created_at" : "2021-03-03T17:36:18Z" ,
2021-03-20 16:10:38 +01:00
"updated_at" : "2021-03-20T09:42:34Z" ,
2021-03-05 22:10:47 +01:00
"pushed_at" : "2021-03-05T17:09:01Z" ,
2021-03-20 16:10:38 +01:00
"stargazers_count" : 15 ,
"watchers_count" : 15 ,
2021-03-10 10:09:31 +01:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-03-20 16:10:38 +01:00
"watchers" : 15 ,
2021-03-05 16:09:25 +01:00
"score" : 0
} ,
{
"id" : 344742582 ,
"name" : "exchange_webshell_detection" ,
"full_name" : "cert-lv\/exchange_webshell_detection" ,
"owner" : {
"login" : "cert-lv" ,
"id" : 22764485 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4" ,
"html_url" : "https:\/\/github.com\/cert-lv"
} ,
"html_url" : "https:\/\/github.com\/cert-lv\/exchange_webshell_detection" ,
2021-03-05 22:10:47 +01:00
"description" : "Detect webshells dropped on Microsoft Exchange servers exploited through \"proxylogon\" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)" ,
2021-03-05 16:09:25 +01:00
"fork" : false ,
"created_at" : "2021-03-05T08:22:07Z" ,
2021-03-22 10:12:24 +01:00
"updated_at" : "2021-03-22T03:36:12Z" ,
2021-03-16 10:09:15 +01:00
"pushed_at" : "2021-03-16T08:34:14Z" ,
2021-03-22 10:12:24 +01:00
"stargazers_count" : 84 ,
"watchers_count" : 84 ,
2021-03-20 10:10:24 +01:00
"forks_count" : 19 ,
"forks" : 19 ,
2021-03-22 10:12:24 +01:00
"watchers" : 84 ,
2021-03-06 16:09:11 +01:00
"score" : 0
} ,
{
"id" : 345052378 ,
"name" : "Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"full_name" : "conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"owner" : {
"login" : "conjojo" ,
"id" : 79626719 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/79626719?v=4" ,
"html_url" : "https:\/\/github.com\/conjojo"
} ,
"html_url" : "https:\/\/github.com\/conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"description" : "Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)" ,
"fork" : false ,
"created_at" : "2021-03-06T09:15:55Z" ,
2021-03-12 16:09:21 +01:00
"updated_at" : "2021-03-12T10:24:19Z" ,
2021-03-06 16:09:11 +01:00
"pushed_at" : "2021-03-06T10:34:49Z" ,
2021-03-12 16:09:21 +01:00
"stargazers_count" : 36 ,
"watchers_count" : 36 ,
2021-03-11 22:09:25 +01:00
"forks_count" : 8 ,
"forks" : 8 ,
2021-03-12 16:09:21 +01:00
"watchers" : 36 ,
2021-03-06 22:10:09 +01:00
"score" : 0
} ,
{
"id" : 345173055 ,
"name" : "CVE-2021-26855-SSRF" ,
"full_name" : "pussycat0x\/CVE-2021-26855-SSRF" ,
"owner" : {
"login" : "pussycat0x" ,
"id" : 65701233 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/65701233?v=4" ,
"html_url" : "https:\/\/github.com\/pussycat0x"
} ,
"html_url" : "https:\/\/github.com\/pussycat0x\/CVE-2021-26855-SSRF" ,
"description" : "This script helps to identify CVE-2021-26855 ssrf Poc" ,
"fork" : false ,
"created_at" : "2021-03-06T19:03:00Z" ,
2021-03-21 16:10:35 +01:00
"updated_at" : "2021-03-21T12:27:31Z" ,
2021-03-10 10:09:31 +01:00
"pushed_at" : "2021-03-10T07:41:56Z" ,
2021-03-21 16:10:35 +01:00
"stargazers_count" : 14 ,
"watchers_count" : 14 ,
"forks_count" : 6 ,
"forks" : 6 ,
"watchers" : 14 ,
2021-03-03 16:09:26 +01:00
"score" : 0
2021-03-07 04:08:28 +01:00
} ,
{
"id" : 345215022 ,
"name" : "CVE-2021-26855" ,
"full_name" : "0xAbdullah\/CVE-2021-26855" ,
"owner" : {
"login" : "0xAbdullah" ,
"id" : 29471278 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/29471278?v=4" ,
"html_url" : "https:\/\/github.com\/0xAbdullah"
} ,
"html_url" : "https:\/\/github.com\/0xAbdullah\/CVE-2021-26855" ,
"description" : "PoC for CVE-2021-26855 -Just a checker-" ,
"fork" : false ,
"created_at" : "2021-03-06T23:12:22Z" ,
2021-03-15 22:09:09 +01:00
"updated_at" : "2021-03-15T17:37:56Z" ,
2021-03-10 04:09:22 +01:00
"pushed_at" : "2021-03-09T22:07:46Z" ,
2021-03-15 22:09:09 +01:00
"stargazers_count" : 13 ,
"watchers_count" : 13 ,
2021-03-10 10:09:31 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-15 22:09:09 +01:00
"watchers" : 13 ,
2021-03-07 04:08:28 +01:00
"score" : 0
2021-03-07 10:09:11 +01:00
} ,
{
"id" : 345228496 ,
"name" : "CVE-2021-26855-SSRF-Exchange" ,
"full_name" : "Th3eCrow\/CVE-2021-26855-SSRF-Exchange" ,
"owner" : {
"login" : "Th3eCrow" ,
"id" : 10507748 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/10507748?v=4" ,
"html_url" : "https:\/\/github.com\/Th3eCrow"
} ,
"html_url" : "https:\/\/github.com\/Th3eCrow\/CVE-2021-26855-SSRF-Exchange" ,
"description" : "CVE-2021-26855 SSRF Exchange Server" ,
"fork" : false ,
"created_at" : "2021-03-07T00:55:16Z" ,
2021-03-10 10:09:31 +01:00
"updated_at" : "2021-03-10T04:02:32Z" ,
2021-03-07 10:09:11 +01:00
"pushed_at" : "2021-03-06T18:57:43Z" ,
2021-03-10 10:09:31 +01:00
"stargazers_count" : 6 ,
"watchers_count" : 6 ,
2021-03-09 16:09:23 +01:00
"forks_count" : 3 ,
"forks" : 3 ,
2021-03-10 10:09:31 +01:00
"watchers" : 6 ,
2021-03-08 10:09:27 +01:00
"score" : 0
} ,
2021-03-15 04:09:16 +01:00
{
"id" : 345337490 ,
"name" : "exchange_proxylogon" ,
"full_name" : "mekhalleh\/exchange_proxylogon" ,
"owner" : {
"login" : "mekhalleh" ,
"id" : 5225129 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4" ,
"html_url" : "https:\/\/github.com\/mekhalleh"
} ,
"html_url" : "https:\/\/github.com\/mekhalleh\/exchange_proxylogon" ,
"description" : "Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]" ,
"fork" : false ,
"created_at" : "2021-03-07T12:12:16Z" ,
2021-03-21 22:13:18 +01:00
"updated_at" : "2021-03-21T20:45:47Z" ,
2021-03-22 22:10:45 +01:00
"pushed_at" : "2021-03-22T19:18:27Z" ,
2021-03-16 10:09:15 +01:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
"forks_count" : 2 ,
"forks" : 2 ,
"watchers" : 1 ,
2021-03-15 04:09:16 +01:00
"score" : 0
} ,
2021-03-08 10:09:27 +01:00
{
"id" : 345567206 ,
"name" : "CVE-2021-26855_SSRF" ,
"full_name" : "Yt1g3r\/CVE-2021-26855_SSRF" ,
"owner" : {
"login" : "Yt1g3r" ,
"id" : 12625147 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4" ,
"html_url" : "https:\/\/github.com\/Yt1g3r"
} ,
"html_url" : "https:\/\/github.com\/Yt1g3r\/CVE-2021-26855_SSRF" ,
2021-03-11 10:09:27 +01:00
"description" : "POC of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865, ProxyLogon poc" ,
2021-03-08 10:09:27 +01:00
"fork" : false ,
"created_at" : "2021-03-08T07:28:21Z" ,
2021-03-12 22:09:57 +01:00
"updated_at" : "2021-03-12T16:16:04Z" ,
2021-03-11 10:09:27 +01:00
"pushed_at" : "2021-03-11T03:28:47Z" ,
2021-03-12 22:09:57 +01:00
"stargazers_count" : 2 ,
"watchers_count" : 2 ,
2021-03-18 10:09:24 +01:00
"forks_count" : 4 ,
"forks" : 4 ,
2021-03-12 22:09:57 +01:00
"watchers" : 2 ,
2021-03-08 10:09:27 +01:00
"score" : 0
2021-03-08 16:09:26 +01:00
} ,
2021-03-09 16:09:23 +01:00
{
"id" : 345586288 ,
"name" : "CVE-2021-26855" ,
"full_name" : "jsdryan\/CVE-2021-26855" ,
"owner" : {
"login" : "jsdryan" ,
"id" : 34669056 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/34669056?v=4" ,
"html_url" : "https:\/\/github.com\/jsdryan"
} ,
"html_url" : "https:\/\/github.com\/jsdryan\/CVE-2021-26855" ,
"description" : "CVE-2021-26855 exp" ,
"fork" : false ,
"created_at" : "2021-03-08T08:39:05Z" ,
2021-03-21 04:10:38 +01:00
"updated_at" : "2021-03-21T00:09:18Z" ,
2021-03-09 16:09:23 +01:00
"pushed_at" : "2021-03-08T08:09:01Z" ,
2021-03-21 04:10:38 +01:00
"stargazers_count" : 71 ,
"watchers_count" : 71 ,
"forks_count" : 67 ,
"forks" : 67 ,
"watchers" : 71 ,
2021-03-09 16:09:23 +01:00
"score" : 0
} ,
2021-03-08 16:09:26 +01:00
{
"id" : 345639477 ,
"name" : "proxylogscan" ,
"full_name" : "dwisiswant0\/proxylogscan" ,
"owner" : {
"login" : "dwisiswant0" ,
"id" : 25837540 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4" ,
"html_url" : "https:\/\/github.com\/dwisiswant0"
} ,
"html_url" : "https:\/\/github.com\/dwisiswant0\/proxylogscan" ,
"description" : "A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855)." ,
"fork" : false ,
"created_at" : "2021-03-08T11:54:32Z" ,
2021-03-20 04:11:50 +01:00
"updated_at" : "2021-03-20T02:02:34Z" ,
2021-03-17 16:09:30 +01:00
"pushed_at" : "2021-03-17T11:21:52Z" ,
2021-03-20 04:11:50 +01:00
"stargazers_count" : 107 ,
"watchers_count" : 107 ,
"forks_count" : 15 ,
"forks" : 15 ,
"watchers" : 107 ,
2021-03-09 16:09:23 +01:00
"score" : 0
} ,
{
"id" : 345955330 ,
"name" : "ExchangeWeaknessTest" ,
"full_name" : "mauricelambert\/ExchangeWeaknessTest" ,
"owner" : {
"login" : "mauricelambert" ,
"id" : 50479118 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4" ,
"html_url" : "https:\/\/github.com\/mauricelambert"
} ,
"html_url" : "https:\/\/github.com\/mauricelambert\/ExchangeWeaknessTest" ,
"description" : "This script test the CVE-2021-26855 vulnerability on Exchange Server." ,
"fork" : false ,
"created_at" : "2021-03-09T09:40:29Z" ,
"updated_at" : "2021-03-09T09:43:55Z" ,
"pushed_at" : "2021-03-09T09:42:51Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 345970212 ,
"name" : "Exchange_IOC_Hunter" ,
"full_name" : "DCScoder\/Exchange_IOC_Hunter" ,
"owner" : {
"login" : "DCScoder" ,
"id" : 42096735 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/42096735?v=4" ,
"html_url" : "https:\/\/github.com\/DCScoder"
} ,
"html_url" : "https:\/\/github.com\/DCScoder\/Exchange_IOC_Hunter" ,
"description" : "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065" ,
"fork" : false ,
"created_at" : "2021-03-09T10:36:44Z" ,
2021-03-17 16:09:30 +01:00
"updated_at" : "2021-03-17T10:22:07Z" ,
"pushed_at" : "2021-03-17T10:22:05Z" ,
2021-03-09 16:09:23 +01:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 345990340 ,
"name" : "CVE-2021-26855" ,
"full_name" : "PwCNO-CTO\/CVE-2021-26855" ,
"owner" : {
"login" : "PwCNO-CTO" ,
"id" : 58770486 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/58770486?v=4" ,
"html_url" : "https:\/\/github.com\/PwCNO-CTO"
} ,
"html_url" : "https:\/\/github.com\/PwCNO-CTO\/CVE-2021-26855" ,
"description" : "Microsoft Exchange Server Remote Code Execution Vulnerability (ProxyLogon)" ,
"fork" : false ,
"created_at" : "2021-03-09T11:57:26Z" ,
"updated_at" : "2021-03-09T11:57:26Z" ,
"pushed_at" : "2021-03-09T11:57:27Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 346033440 ,
"name" : "CVE-2021-26855-PoC" ,
"full_name" : "srvaccount\/CVE-2021-26855-PoC" ,
"owner" : {
"login" : "srvaccount" ,
"id" : 76211832 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/76211832?v=4" ,
"html_url" : "https:\/\/github.com\/srvaccount"
} ,
"html_url" : "https:\/\/github.com\/srvaccount\/CVE-2021-26855-PoC" ,
"description" : "PoC exploit code for CVE-2021-26855" ,
"fork" : false ,
"created_at" : "2021-03-09T14:27:06Z" ,
2021-03-18 10:09:24 +01:00
"updated_at" : "2021-03-18T04:55:57Z" ,
2021-03-10 04:09:22 +01:00
"pushed_at" : "2021-03-09T21:59:53Z" ,
2021-03-18 10:09:24 +01:00
"stargazers_count" : 4 ,
"watchers_count" : 4 ,
"forks_count" : 17 ,
"forks" : 17 ,
"watchers" : 4 ,
2021-03-08 16:09:26 +01:00
"score" : 0
2021-03-09 22:09:21 +01:00
} ,
{
"id" : 346078570 ,
"name" : "CVE-2021-26855" ,
"full_name" : "h4x0r-dz\/CVE-2021-26855" ,
"owner" : {
"login" : "h4x0r-dz" ,
"id" : 26070859 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4" ,
"html_url" : "https:\/\/github.com\/h4x0r-dz"
} ,
"html_url" : "https:\/\/github.com\/h4x0r-dz\/CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-09T16:54:39Z" ,
2021-03-22 16:11:20 +01:00
"updated_at" : "2021-03-22T12:36:33Z" ,
2021-03-09 22:09:21 +01:00
"pushed_at" : "2021-03-09T16:56:09Z" ,
2021-03-22 16:11:20 +01:00
"stargazers_count" : 72 ,
"watchers_count" : 72 ,
2021-03-23 04:10:42 +01:00
"forks_count" : 55 ,
"forks" : 55 ,
2021-03-22 16:11:20 +01:00
"watchers" : 72 ,
2021-03-10 10:09:31 +01:00
"score" : 0
} ,
{
"id" : 346241102 ,
"name" : "CVE-2021-26855_PoC" ,
"full_name" : "alt3kx\/CVE-2021-26855_PoC" ,
"owner" : {
"login" : "alt3kx" ,
"id" : 3140111 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4" ,
"html_url" : "https:\/\/github.com\/alt3kx"
} ,
"html_url" : "https:\/\/github.com\/alt3kx\/CVE-2021-26855_PoC" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-10T05:21:19Z" ,
2021-03-21 04:10:38 +01:00
"updated_at" : "2021-03-21T00:39:19Z" ,
2021-03-12 22:09:57 +01:00
"pushed_at" : "2021-03-12T16:19:50Z" ,
2021-03-21 04:10:38 +01:00
"stargazers_count" : 42 ,
"watchers_count" : 42 ,
2021-03-19 22:10:57 +01:00
"forks_count" : 23 ,
"forks" : 23 ,
2021-03-21 04:10:38 +01:00
"watchers" : 42 ,
2021-03-10 16:09:32 +01:00
"score" : 0
} ,
{
"id" : 346347325 ,
"name" : "CVE-2021-26855" ,
"full_name" : "achabahe\/CVE-2021-26855" ,
"owner" : {
"login" : "achabahe" ,
"id" : 12010973 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/12010973?v=4" ,
"html_url" : "https:\/\/github.com\/achabahe"
} ,
"html_url" : "https:\/\/github.com\/achabahe\/CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-10T12:23:43Z" ,
2021-03-12 10:09:31 +01:00
"updated_at" : "2021-03-12T08:21:02Z" ,
2021-03-10 16:09:32 +01:00
"pushed_at" : "2021-03-10T12:46:41Z" ,
2021-03-12 10:09:31 +01:00
"stargazers_count" : 4 ,
"watchers_count" : 4 ,
2021-03-11 10:09:27 +01:00
"forks_count" : 3 ,
"forks" : 3 ,
2021-03-12 10:09:31 +01:00
"watchers" : 4 ,
2021-03-09 22:09:21 +01:00
"score" : 0
2021-03-11 22:09:25 +01:00
} ,
{
"id" : 346816198 ,
"name" : "CVE-2021-26855" ,
"full_name" : "raheel0x01\/CVE-2021-26855" ,
"owner" : {
"login" : "raheel0x01" ,
"id" : 65211256 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4" ,
"html_url" : "https:\/\/github.com\/raheel0x01"
} ,
"html_url" : "https:\/\/github.com\/raheel0x01\/CVE-2021-26855" ,
"description" : "CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server. According to Orange Tsai, the researcher who discovered the vulnerabilities, CVE-2021-26855 allows code execution when chained with CVE-2021-27065 (see below). A successful exploit chain would allow an unauthenticated attacker to \"execute arbitrary commands on Microsoft Exchange Server through only an open 443 port.\" More information and a disclosure timeline are available at https:\/\/proxylogon.com." ,
"fork" : false ,
"created_at" : "2021-03-11T19:35:35Z" ,
2021-03-19 16:09:29 +01:00
"updated_at" : "2021-03-19T14:13:49Z" ,
2021-03-15 04:09:16 +01:00
"pushed_at" : "2021-03-14T23:51:37Z" ,
2021-03-16 04:09:07 +01:00
"stargazers_count" : 6 ,
"watchers_count" : 6 ,
2021-03-15 16:09:38 +01:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-03-16 04:09:07 +01:00
"watchers" : 6 ,
2021-03-11 22:09:25 +01:00
"score" : 0
} ,
{
"id" : 346834084 ,
"name" : "CVE-2021-26855" ,
"full_name" : "hackerschoice\/CVE-2021-26855" ,
"owner" : {
"login" : "hackerschoice" ,
"id" : 57636453 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/57636453?v=4" ,
"html_url" : "https:\/\/github.com\/hackerschoice"
} ,
"html_url" : "https:\/\/github.com\/hackerschoice\/CVE-2021-26855" ,
"description" : "PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github" ,
"fork" : false ,
"created_at" : "2021-03-11T20:51:48Z" ,
2021-03-22 10:12:24 +01:00
"updated_at" : "2021-03-22T06:50:36Z" ,
2021-03-11 22:09:25 +01:00
"pushed_at" : "2021-03-11T20:58:08Z" ,
2021-03-22 10:12:24 +01:00
"stargazers_count" : 43 ,
"watchers_count" : 43 ,
2021-03-22 22:10:45 +01:00
"forks_count" : 27 ,
"forks" : 27 ,
2021-03-22 10:12:24 +01:00
"watchers" : 43 ,
2021-03-12 04:09:39 +01:00
"score" : 0
} ,
{
"id" : 346840803 ,
"name" : "HAFNIUM-Microsoft-Exchange-0day" ,
"full_name" : "SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day" ,
"owner" : {
"login" : "SCS-Labs" ,
"id" : 67705746 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/67705746?v=4" ,
"html_url" : "https:\/\/github.com\/SCS-Labs"
} ,
"html_url" : "https:\/\/github.com\/SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day" ,
"description" : "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065" ,
"fork" : false ,
"created_at" : "2021-03-11T21:18:29Z" ,
2021-03-17 22:11:20 +01:00
"updated_at" : "2021-03-17T20:22:25Z" ,
2021-03-12 22:09:57 +01:00
"pushed_at" : "2021-03-12T20:58:07Z" ,
2021-03-17 22:11:20 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-03-12 10:09:31 +01:00
"forks_count" : 0 ,
"forks" : 0 ,
2021-03-17 22:11:20 +01:00
"watchers" : 3 ,
2021-03-12 10:09:31 +01:00
"score" : 0
} ,
2021-03-12 16:09:21 +01:00
{
"id" : 347064151 ,
"name" : "CVE-2021-26855-Scanner" ,
"full_name" : "KotSec\/CVE-2021-26855-Scanner" ,
"owner" : {
"login" : "KotSec" ,
"id" : 80525807 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/80525807?v=4" ,
"html_url" : "https:\/\/github.com\/KotSec"
} ,
"html_url" : "https:\/\/github.com\/KotSec\/CVE-2021-26855-Scanner" ,
"description" : "Scanner and PoC for CVE-2021-26855 " ,
"fork" : false ,
"created_at" : "2021-03-12T12:47:41Z" ,
2021-03-16 04:09:07 +01:00
"updated_at" : "2021-03-15T23:37:29Z" ,
2021-03-12 16:09:21 +01:00
"pushed_at" : "2021-03-12T12:55:57Z" ,
2021-03-16 04:09:07 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-03-13 16:09:19 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-16 04:09:07 +01:00
"watchers" : 3 ,
2021-03-12 16:09:21 +01:00
"score" : 0
2021-03-14 22:08:23 +01:00
} ,
{
"id" : 347658157 ,
"name" : "Exch-CVE-2021-26855" ,
"full_name" : "ZephrFish\/Exch-CVE-2021-26855" ,
"owner" : {
"login" : "ZephrFish" ,
"id" : 5783068 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4" ,
"html_url" : "https:\/\/github.com\/ZephrFish"
} ,
"html_url" : "https:\/\/github.com\/ZephrFish\/Exch-CVE-2021-26855" ,
"description" : "CVE-2021-26855: PoC (Not a HoneyPoC for once!)" ,
"fork" : false ,
"created_at" : "2021-03-14T14:23:34Z" ,
2021-03-22 04:10:39 +01:00
"updated_at" : "2021-03-22T01:48:41Z" ,
2021-03-15 22:09:09 +01:00
"pushed_at" : "2021-03-15T18:56:38Z" ,
2021-03-22 04:10:39 +01:00
"stargazers_count" : 19 ,
"watchers_count" : 19 ,
"forks_count" : 7 ,
"forks" : 7 ,
"watchers" : 19 ,
2021-03-15 04:09:16 +01:00
"score" : 0
} ,
{
"id" : 347774757 ,
"name" : "ProxyLogon-CVE-2021-26855" ,
"full_name" : "mil1200\/ProxyLogon-CVE-2021-26855" ,
"owner" : {
"login" : "mil1200" ,
"id" : 18125445 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/18125445?v=4" ,
"html_url" : "https:\/\/github.com\/mil1200"
} ,
"html_url" : "https:\/\/github.com\/mil1200\/ProxyLogon-CVE-2021-26855" ,
"description" : "RCE exploit for ProxyLogon vulnerability in Microsoft Exchange" ,
"fork" : false ,
"created_at" : "2021-03-14T22:57:21Z" ,
2021-03-17 22:11:20 +01:00
"updated_at" : "2021-03-17T16:42:38Z" ,
2021-03-15 04:09:16 +01:00
"pushed_at" : "2021-03-14T23:03:12Z" ,
2021-03-17 22:11:20 +01:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
2021-03-21 10:09:46 +01:00
"forks_count" : 5 ,
"forks" : 5 ,
2021-03-17 22:11:20 +01:00
"watchers" : 5 ,
2021-03-15 16:09:38 +01:00
"score" : 0
} ,
{
"id" : 347992754 ,
"name" : "CVE-2021-26855-d" ,
"full_name" : "Mr-xn\/CVE-2021-26855-d" ,
"owner" : {
"login" : "Mr-xn" ,
"id" : 18260135 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4" ,
"html_url" : "https:\/\/github.com\/Mr-xn"
} ,
"html_url" : "https:\/\/github.com\/Mr-xn\/CVE-2021-26855-d" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-15T14:03:16Z" ,
2021-03-16 16:10:50 +01:00
"updated_at" : "2021-03-16T12:52:25Z" ,
2021-03-15 16:09:38 +01:00
"pushed_at" : "2021-03-15T14:08:16Z" ,
2021-03-16 16:10:50 +01:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
"forks_count" : 1 ,
"forks" : 1 ,
"watchers" : 5 ,
"score" : 0
} ,
{
"id" : 348253285 ,
"name" : "ProxyLogon" ,
"full_name" : "RickGeex\/ProxyLogon" ,
"owner" : {
"login" : "RickGeex" ,
"id" : 7975904 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4" ,
"html_url" : "https:\/\/github.com\/RickGeex"
} ,
"html_url" : "https:\/\/github.com\/RickGeex\/ProxyLogon" ,
"description" : "ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution." ,
"fork" : false ,
"created_at" : "2021-03-16T07:31:25Z" ,
2021-03-17 22:11:20 +01:00
"updated_at" : "2021-03-17T18:10:25Z" ,
2021-03-16 16:10:50 +01:00
"pushed_at" : "2021-03-16T15:15:31Z" ,
2021-03-17 22:11:20 +01:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2021-03-15 16:09:38 +01:00
"forks_count" : 0 ,
"forks" : 0 ,
2021-03-17 22:11:20 +01:00
"watchers" : 1 ,
2021-03-16 16:10:50 +01:00
"score" : 0
} ,
{
"id" : 348300485 ,
"name" : "ProxyLogon" ,
"full_name" : "Immersive-Labs-Sec\/ProxyLogon" ,
"owner" : {
"login" : "Immersive-Labs-Sec" ,
"id" : 79456607 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4" ,
"html_url" : "https:\/\/github.com\/Immersive-Labs-Sec"
} ,
"html_url" : "https:\/\/github.com\/Immersive-Labs-Sec\/ProxyLogon" ,
"description" : "Chaining CVE-2021-26855 and CVE-2021-26857 to exploit Microsoft Exchange" ,
"fork" : false ,
"created_at" : "2021-03-16T10:14:56Z" ,
2021-03-22 16:11:20 +01:00
"updated_at" : "2021-03-22T09:22:22Z" ,
"pushed_at" : "2021-03-22T09:22:20Z" ,
2021-03-17 22:11:20 +01:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2021-03-16 16:10:50 +01:00
"forks_count" : 0 ,
"forks" : 0 ,
2021-03-17 22:11:20 +01:00
"watchers" : 1 ,
2021-03-14 22:08:23 +01:00
"score" : 0
2021-03-16 22:08:58 +01:00
} ,
{
"id" : 348408422 ,
"name" : "Scan-Vuln-CVE-2021-26855" ,
"full_name" : "shacojx\/Scan-Vuln-CVE-2021-26855" ,
"owner" : {
"login" : "shacojx" ,
"id" : 19655109 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4" ,
"html_url" : "https:\/\/github.com\/shacojx"
} ,
"html_url" : "https:\/\/github.com\/shacojx\/Scan-Vuln-CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-16T15:59:17Z" ,
2021-03-20 04:11:50 +01:00
"updated_at" : "2021-03-20T01:39:29Z" ,
2021-03-18 16:09:27 +01:00
"pushed_at" : "2021-03-18T10:52:00Z" ,
2021-03-20 04:11:50 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
"forks_count" : 2 ,
"forks" : 2 ,
"watchers" : 3 ,
2021-03-16 22:08:58 +01:00
"score" : 0
2021-03-17 10:09:30 +01:00
} ,
{
"id" : 348568793 ,
"name" : "ProxyLogon-CVE-2021-26855-metasploit" ,
"full_name" : "TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit" ,
"owner" : {
"login" : "TaroballzChen" ,
"id" : 27862593 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4" ,
"html_url" : "https:\/\/github.com\/TaroballzChen"
} ,
"html_url" : "https:\/\/github.com\/TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit" ,
"description" : "CVE-2021-26855 proxyLogon metasploit exploit script" ,
"fork" : false ,
"created_at" : "2021-03-17T03:32:19Z" ,
"updated_at" : "2021-03-17T05:51:32Z" ,
"pushed_at" : "2021-03-17T05:51:30Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
2021-03-21 16:10:35 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-17 10:09:30 +01:00
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 348573564 ,
"name" : "ProxyLogon" ,
"full_name" : "p0wershe11\/ProxyLogon" ,
"owner" : {
"login" : "p0wershe11" ,
"id" : 80803923 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/80803923?v=4" ,
"html_url" : "https:\/\/github.com\/p0wershe11"
} ,
"html_url" : "https:\/\/github.com\/p0wershe11\/ProxyLogon" ,
"description" : "ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)" ,
"fork" : false ,
"created_at" : "2021-03-17T03:56:54Z" ,
2021-03-21 16:10:35 +01:00
"updated_at" : "2021-03-21T14:09:57Z" ,
2021-03-17 10:09:30 +01:00
"pushed_at" : "2021-03-17T05:06:18Z" ,
2021-03-21 16:10:35 +01:00
"stargazers_count" : 40 ,
"watchers_count" : 40 ,
2021-03-19 22:10:57 +01:00
"forks_count" : 8 ,
"forks" : 8 ,
2021-03-21 16:10:35 +01:00
"watchers" : 40 ,
2021-03-18 04:09:15 +01:00
"score" : 0
} ,
{
"id" : 348894495 ,
"name" : "CVE-2021-26855-Exchange-RCE" ,
"full_name" : "r0ckysec\/CVE-2021-26855-Exchange-RCE" ,
"owner" : {
"login" : "r0ckysec" ,
"id" : 44518337 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/44518337?v=4" ,
"html_url" : "https:\/\/github.com\/r0ckysec"
} ,
"html_url" : "https:\/\/github.com\/r0ckysec\/CVE-2021-26855-Exchange-RCE" ,
"description" : "Microsoft Exchange Proxylogon Exploit Chain EXP分析" ,
"fork" : false ,
"created_at" : "2021-03-18T00:44:29Z" ,
"updated_at" : "2021-03-18T00:55:42Z" ,
"pushed_at" : "2021-03-18T00:55:39Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
2021-03-21 10:09:46 +01:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-03-18 04:09:15 +01:00
"watchers" : 0 ,
2021-03-17 10:09:30 +01:00
"score" : 0
2021-03-23 10:11:09 +01:00
} ,
{
"id" : 350620709 ,
"name" : "CVE-2021-26855-CVE-2021-27065" ,
"full_name" : "hictf\/CVE-2021-26855-CVE-2021-27065" ,
"owner" : {
"login" : "hictf" ,
"id" : 43127173 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/43127173?v=4" ,
"html_url" : "https:\/\/github.com\/hictf"
} ,
"html_url" : "https:\/\/github.com\/hictf\/CVE-2021-26855-CVE-2021-27065" ,
"description" : "analytics ProxyLogo Mail exchange RCE" ,
"fork" : false ,
"created_at" : "2021-03-23T07:37:47Z" ,
"updated_at" : "2021-03-23T07:37:50Z" ,
"pushed_at" : "2021-03-23T07:37:48Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
2021-03-03 16:09:26 +01:00
}
]
