2021-03-03 16:09:26 +01:00
[
{
"id" : 344161221 ,
"name" : "exchange-0days-202103" ,
"full_name" : "sgnls\/exchange-0days-202103" ,
"owner" : {
"login" : "sgnls" ,
"id" : 11134228 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/11134228?v=4" ,
"html_url" : "https:\/\/github.com\/sgnls"
} ,
"html_url" : "https:\/\/github.com\/sgnls\/exchange-0days-202103" ,
"description" : "IoC determination for exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065." ,
"fork" : false ,
"created_at" : "2021-03-03T14:50:16Z" ,
2021-03-15 16:09:38 +01:00
"updated_at" : "2021-03-15T11:42:08Z" ,
"pushed_at" : "2021-03-15T11:42:06Z" ,
2021-03-12 22:09:57 +01:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
"forks_count" : 4 ,
"forks" : 4 ,
"watchers" : 5 ,
2021-03-03 22:09:45 +01:00
"score" : 0
} ,
2021-05-01 11:12:06 +02:00
{
"id" : 344210374 ,
"name" : "HAFNIUM-IOC" ,
"full_name" : "soteria-security\/HAFNIUM-IOC" ,
"owner" : {
"login" : "soteria-security" ,
"id" : 49722282 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/49722282?v=4" ,
"html_url" : "https:\/\/github.com\/soteria-security"
} ,
"html_url" : "https:\/\/github.com\/soteria-security\/HAFNIUM-IOC" ,
"description" : "A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865" ,
"fork" : false ,
"created_at" : "2021-03-03T17:36:18Z" ,
"updated_at" : "2021-04-12T15:26:58Z" ,
"pushed_at" : "2021-03-05T17:09:01Z" ,
"stargazers_count" : 15 ,
"watchers_count" : 15 ,
"forks_count" : 1 ,
"forks" : 1 ,
"watchers" : 15 ,
"score" : 0
} ,
2021-03-05 16:09:25 +01:00
{
"id" : 344742582 ,
"name" : "exchange_webshell_detection" ,
"full_name" : "cert-lv\/exchange_webshell_detection" ,
"owner" : {
"login" : "cert-lv" ,
"id" : 22764485 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4" ,
"html_url" : "https:\/\/github.com\/cert-lv"
} ,
"html_url" : "https:\/\/github.com\/cert-lv\/exchange_webshell_detection" ,
2021-03-05 22:10:47 +01:00
"description" : "Detect webshells dropped on Microsoft Exchange servers exploited through \"proxylogon\" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)" ,
2021-03-05 16:09:25 +01:00
"fork" : false ,
"created_at" : "2021-03-05T08:22:07Z" ,
2021-05-21 17:11:47 +02:00
"updated_at" : "2021-05-21T12:24:52Z" ,
2021-03-16 10:09:15 +01:00
"pushed_at" : "2021-03-16T08:34:14Z" ,
2021-05-21 17:11:47 +02:00
"stargazers_count" : 90 ,
"watchers_count" : 90 ,
2021-05-20 05:11:36 +02:00
"forks_count" : 21 ,
"forks" : 21 ,
2021-05-21 17:11:47 +02:00
"watchers" : 90 ,
2021-03-06 16:09:11 +01:00
"score" : 0
2021-03-06 22:10:09 +01:00
} ,
2021-05-01 11:12:06 +02:00
{
"id" : 345052378 ,
"name" : "Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"full_name" : "conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"owner" : {
"login" : "conjojo" ,
"id" : 79626719 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/79626719?v=4" ,
"html_url" : "https:\/\/github.com\/conjojo"
} ,
"html_url" : "https:\/\/github.com\/conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855" ,
"description" : "Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)" ,
"fork" : false ,
"created_at" : "2021-03-06T09:15:55Z" ,
2021-05-01 23:12:06 +02:00
"updated_at" : "2021-05-01T17:36:20Z" ,
2021-05-01 11:12:06 +02:00
"pushed_at" : "2021-03-06T10:34:49Z" ,
2021-05-01 23:12:06 +02:00
"stargazers_count" : 37 ,
"watchers_count" : 37 ,
2021-05-01 11:12:06 +02:00
"forks_count" : 8 ,
"forks" : 8 ,
2021-05-01 23:12:06 +02:00
"watchers" : 37 ,
2021-05-01 11:12:06 +02:00
"score" : 0
} ,
2021-03-06 22:10:09 +01:00
{
"id" : 345173055 ,
"name" : "CVE-2021-26855-SSRF" ,
"full_name" : "pussycat0x\/CVE-2021-26855-SSRF" ,
"owner" : {
"login" : "pussycat0x" ,
"id" : 65701233 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/65701233?v=4" ,
"html_url" : "https:\/\/github.com\/pussycat0x"
} ,
"html_url" : "https:\/\/github.com\/pussycat0x\/CVE-2021-26855-SSRF" ,
"description" : "This script helps to identify CVE-2021-26855 ssrf Poc" ,
"fork" : false ,
"created_at" : "2021-03-06T19:03:00Z" ,
2021-05-29 17:11:35 +02:00
"updated_at" : "2021-05-29T14:45:38Z" ,
2021-03-10 10:09:31 +01:00
"pushed_at" : "2021-03-10T07:41:56Z" ,
2021-05-29 17:11:35 +02:00
"stargazers_count" : 18 ,
"watchers_count" : 18 ,
"forks_count" : 9 ,
"forks" : 9 ,
"watchers" : 18 ,
2021-03-03 16:09:26 +01:00
"score" : 0
2021-03-07 04:08:28 +01:00
} ,
{
"id" : 345215022 ,
"name" : "CVE-2021-26855" ,
"full_name" : "0xAbdullah\/CVE-2021-26855" ,
"owner" : {
"login" : "0xAbdullah" ,
"id" : 29471278 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/29471278?v=4" ,
"html_url" : "https:\/\/github.com\/0xAbdullah"
} ,
"html_url" : "https:\/\/github.com\/0xAbdullah\/CVE-2021-26855" ,
"description" : "PoC for CVE-2021-26855 -Just a checker-" ,
"fork" : false ,
"created_at" : "2021-03-06T23:12:22Z" ,
2021-03-15 22:09:09 +01:00
"updated_at" : "2021-03-15T17:37:56Z" ,
2021-03-10 04:09:22 +01:00
"pushed_at" : "2021-03-09T22:07:46Z" ,
2021-03-15 22:09:09 +01:00
"stargazers_count" : 13 ,
"watchers_count" : 13 ,
2021-03-10 10:09:31 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-15 22:09:09 +01:00
"watchers" : 13 ,
2021-03-07 04:08:28 +01:00
"score" : 0
2021-03-07 10:09:11 +01:00
} ,
{
"id" : 345228496 ,
"name" : "CVE-2021-26855-SSRF-Exchange" ,
"full_name" : "Th3eCrow\/CVE-2021-26855-SSRF-Exchange" ,
"owner" : {
"login" : "Th3eCrow" ,
"id" : 10507748 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/10507748?v=4" ,
"html_url" : "https:\/\/github.com\/Th3eCrow"
} ,
"html_url" : "https:\/\/github.com\/Th3eCrow\/CVE-2021-26855-SSRF-Exchange" ,
"description" : "CVE-2021-26855 SSRF Exchange Server" ,
"fork" : false ,
"created_at" : "2021-03-07T00:55:16Z" ,
2021-03-10 10:09:31 +01:00
"updated_at" : "2021-03-10T04:02:32Z" ,
2021-03-07 10:09:11 +01:00
"pushed_at" : "2021-03-06T18:57:43Z" ,
2021-03-10 10:09:31 +01:00
"stargazers_count" : 6 ,
"watchers_count" : 6 ,
2021-03-09 16:09:23 +01:00
"forks_count" : 3 ,
"forks" : 3 ,
2021-03-10 10:09:31 +01:00
"watchers" : 6 ,
2021-03-08 10:09:27 +01:00
"score" : 0
} ,
2021-03-15 04:09:16 +01:00
{
"id" : 345337490 ,
"name" : "exchange_proxylogon" ,
"full_name" : "mekhalleh\/exchange_proxylogon" ,
"owner" : {
"login" : "mekhalleh" ,
"id" : 5225129 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4" ,
"html_url" : "https:\/\/github.com\/mekhalleh"
} ,
"html_url" : "https:\/\/github.com\/mekhalleh\/exchange_proxylogon" ,
"description" : "Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]" ,
"fork" : false ,
"created_at" : "2021-03-07T12:12:16Z" ,
2021-04-10 11:10:51 +02:00
"updated_at" : "2021-04-10T04:55:12Z" ,
2021-03-29 11:10:55 +02:00
"pushed_at" : "2021-03-29T08:42:01Z" ,
2021-04-10 11:10:51 +02:00
"stargazers_count" : 2 ,
"watchers_count" : 2 ,
2021-03-16 10:09:15 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-04-10 11:10:51 +02:00
"watchers" : 2 ,
2021-03-15 04:09:16 +01:00
"score" : 0
} ,
2021-03-08 10:09:27 +01:00
{
"id" : 345567206 ,
"name" : "CVE-2021-26855_SSRF" ,
"full_name" : "Yt1g3r\/CVE-2021-26855_SSRF" ,
"owner" : {
"login" : "Yt1g3r" ,
"id" : 12625147 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4" ,
"html_url" : "https:\/\/github.com\/Yt1g3r"
} ,
"html_url" : "https:\/\/github.com\/Yt1g3r\/CVE-2021-26855_SSRF" ,
2021-03-11 10:09:27 +01:00
"description" : "POC of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865, ProxyLogon poc" ,
2021-03-08 10:09:27 +01:00
"fork" : false ,
"created_at" : "2021-03-08T07:28:21Z" ,
2021-03-12 22:09:57 +01:00
"updated_at" : "2021-03-12T16:16:04Z" ,
2021-03-11 10:09:27 +01:00
"pushed_at" : "2021-03-11T03:28:47Z" ,
2021-03-12 22:09:57 +01:00
"stargazers_count" : 2 ,
"watchers_count" : 2 ,
2021-03-18 10:09:24 +01:00
"forks_count" : 4 ,
"forks" : 4 ,
2021-03-12 22:09:57 +01:00
"watchers" : 2 ,
2021-03-08 10:09:27 +01:00
"score" : 0
2021-03-08 16:09:26 +01:00
} ,
2021-03-09 16:09:23 +01:00
{
"id" : 345586288 ,
"name" : "CVE-2021-26855" ,
2021-03-25 10:10:43 +01:00
"full_name" : "charlottelatest\/CVE-2021-26855" ,
2021-03-09 16:09:23 +01:00
"owner" : {
2021-03-25 10:10:43 +01:00
"login" : "charlottelatest" ,
2021-03-09 16:09:23 +01:00
"id" : 34669056 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/34669056?v=4" ,
2021-03-25 10:10:43 +01:00
"html_url" : "https:\/\/github.com\/charlottelatest"
2021-03-09 16:09:23 +01:00
} ,
2021-03-25 10:10:43 +01:00
"html_url" : "https:\/\/github.com\/charlottelatest\/CVE-2021-26855" ,
2021-03-09 16:09:23 +01:00
"description" : "CVE-2021-26855 exp" ,
"fork" : false ,
"created_at" : "2021-03-08T08:39:05Z" ,
2021-05-29 23:11:30 +02:00
"updated_at" : "2021-05-29T15:56:10Z" ,
2021-03-09 16:09:23 +01:00
"pushed_at" : "2021-03-08T08:09:01Z" ,
2021-05-29 23:11:30 +02:00
"stargazers_count" : 82 ,
"watchers_count" : 82 ,
2021-05-25 11:11:47 +02:00
"forks_count" : 68 ,
"forks" : 68 ,
2021-05-29 23:11:30 +02:00
"watchers" : 82 ,
2021-03-09 16:09:23 +01:00
"score" : 0
} ,
2021-03-08 16:09:26 +01:00
{
"id" : 345639477 ,
"name" : "proxylogscan" ,
"full_name" : "dwisiswant0\/proxylogscan" ,
"owner" : {
"login" : "dwisiswant0" ,
"id" : 25837540 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4" ,
"html_url" : "https:\/\/github.com\/dwisiswant0"
} ,
"html_url" : "https:\/\/github.com\/dwisiswant0\/proxylogscan" ,
"description" : "A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855)." ,
"fork" : false ,
"created_at" : "2021-03-08T11:54:32Z" ,
2021-05-26 05:11:39 +02:00
"updated_at" : "2021-05-26T03:01:17Z" ,
2021-03-17 16:09:30 +01:00
"pushed_at" : "2021-03-17T11:21:52Z" ,
2021-05-26 05:11:39 +02:00
"stargazers_count" : 119 ,
"watchers_count" : 119 ,
2021-05-15 17:11:13 +02:00
"forks_count" : 20 ,
"forks" : 20 ,
2021-05-26 05:11:39 +02:00
"watchers" : 119 ,
2021-03-09 16:09:23 +01:00
"score" : 0
} ,
{
"id" : 345955330 ,
"name" : "ExchangeWeaknessTest" ,
"full_name" : "mauricelambert\/ExchangeWeaknessTest" ,
"owner" : {
"login" : "mauricelambert" ,
"id" : 50479118 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4" ,
"html_url" : "https:\/\/github.com\/mauricelambert"
} ,
"html_url" : "https:\/\/github.com\/mauricelambert\/ExchangeWeaknessTest" ,
"description" : "This script test the CVE-2021-26855 vulnerability on Exchange Server." ,
"fork" : false ,
"created_at" : "2021-03-09T09:40:29Z" ,
"updated_at" : "2021-03-09T09:43:55Z" ,
"pushed_at" : "2021-03-09T09:42:51Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 345970212 ,
"name" : "Exchange_IOC_Hunter" ,
"full_name" : "DCScoder\/Exchange_IOC_Hunter" ,
"owner" : {
"login" : "DCScoder" ,
"id" : 42096735 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/42096735?v=4" ,
"html_url" : "https:\/\/github.com\/DCScoder"
} ,
"html_url" : "https:\/\/github.com\/DCScoder\/Exchange_IOC_Hunter" ,
"description" : "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065" ,
"fork" : false ,
"created_at" : "2021-03-09T10:36:44Z" ,
2021-03-17 16:09:30 +01:00
"updated_at" : "2021-03-17T10:22:07Z" ,
"pushed_at" : "2021-03-17T10:22:05Z" ,
2021-03-09 16:09:23 +01:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 345990340 ,
"name" : "CVE-2021-26855" ,
"full_name" : "PwCNO-CTO\/CVE-2021-26855" ,
"owner" : {
"login" : "PwCNO-CTO" ,
"id" : 58770486 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/58770486?v=4" ,
"html_url" : "https:\/\/github.com\/PwCNO-CTO"
} ,
"html_url" : "https:\/\/github.com\/PwCNO-CTO\/CVE-2021-26855" ,
"description" : "Microsoft Exchange Server Remote Code Execution Vulnerability (ProxyLogon)" ,
"fork" : false ,
"created_at" : "2021-03-09T11:57:26Z" ,
"updated_at" : "2021-03-09T11:57:26Z" ,
"pushed_at" : "2021-03-09T11:57:27Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
} ,
{
"id" : 346033440 ,
"name" : "CVE-2021-26855-PoC" ,
"full_name" : "srvaccount\/CVE-2021-26855-PoC" ,
"owner" : {
"login" : "srvaccount" ,
"id" : 76211832 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/76211832?v=4" ,
"html_url" : "https:\/\/github.com\/srvaccount"
} ,
"html_url" : "https:\/\/github.com\/srvaccount\/CVE-2021-26855-PoC" ,
"description" : "PoC exploit code for CVE-2021-26855" ,
"fork" : false ,
"created_at" : "2021-03-09T14:27:06Z" ,
2021-05-02 17:11:03 +02:00
"updated_at" : "2021-05-02T10:09:41Z" ,
2021-03-10 04:09:22 +01:00
"pushed_at" : "2021-03-09T21:59:53Z" ,
2021-05-02 17:11:03 +02:00
"stargazers_count" : 6 ,
"watchers_count" : 6 ,
2021-04-29 05:11:28 +02:00
"forks_count" : 18 ,
"forks" : 18 ,
2021-05-02 17:11:03 +02:00
"watchers" : 6 ,
2021-03-08 16:09:26 +01:00
"score" : 0
2021-03-09 22:09:21 +01:00
} ,
{
"id" : 346078570 ,
"name" : "CVE-2021-26855" ,
"full_name" : "h4x0r-dz\/CVE-2021-26855" ,
"owner" : {
"login" : "h4x0r-dz" ,
"id" : 26070859 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4" ,
"html_url" : "https:\/\/github.com\/h4x0r-dz"
} ,
"html_url" : "https:\/\/github.com\/h4x0r-dz\/CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-09T16:54:39Z" ,
2021-05-16 23:11:26 +02:00
"updated_at" : "2021-05-16T20:39:32Z" ,
2021-03-09 22:09:21 +01:00
"pushed_at" : "2021-03-09T16:56:09Z" ,
2021-05-16 23:11:26 +02:00
"stargazers_count" : 80 ,
"watchers_count" : 80 ,
2021-05-15 11:11:31 +02:00
"forks_count" : 60 ,
"forks" : 60 ,
2021-05-16 23:11:26 +02:00
"watchers" : 80 ,
2021-03-10 10:09:31 +01:00
"score" : 0
} ,
{
"id" : 346241102 ,
"name" : "CVE-2021-26855_PoC" ,
"full_name" : "alt3kx\/CVE-2021-26855_PoC" ,
"owner" : {
"login" : "alt3kx" ,
"id" : 3140111 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4" ,
"html_url" : "https:\/\/github.com\/alt3kx"
} ,
"html_url" : "https:\/\/github.com\/alt3kx\/CVE-2021-26855_PoC" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-10T05:21:19Z" ,
2021-05-17 17:12:54 +02:00
"updated_at" : "2021-05-17T13:50:11Z" ,
2021-03-12 22:09:57 +01:00
"pushed_at" : "2021-03-12T16:19:50Z" ,
2021-05-17 17:12:54 +02:00
"stargazers_count" : 45 ,
"watchers_count" : 45 ,
2021-05-20 05:11:36 +02:00
"forks_count" : 27 ,
"forks" : 27 ,
2021-05-17 17:12:54 +02:00
"watchers" : 45 ,
2021-03-10 16:09:32 +01:00
"score" : 0
} ,
{
"id" : 346347325 ,
"name" : "CVE-2021-26855" ,
"full_name" : "achabahe\/CVE-2021-26855" ,
"owner" : {
"login" : "achabahe" ,
"id" : 12010973 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/12010973?v=4" ,
"html_url" : "https:\/\/github.com\/achabahe"
} ,
"html_url" : "https:\/\/github.com\/achabahe\/CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-10T12:23:43Z" ,
2021-03-12 10:09:31 +01:00
"updated_at" : "2021-03-12T08:21:02Z" ,
2021-03-10 16:09:32 +01:00
"pushed_at" : "2021-03-10T12:46:41Z" ,
2021-03-12 10:09:31 +01:00
"stargazers_count" : 4 ,
"watchers_count" : 4 ,
2021-03-11 10:09:27 +01:00
"forks_count" : 3 ,
"forks" : 3 ,
2021-03-12 10:09:31 +01:00
"watchers" : 4 ,
2021-03-09 22:09:21 +01:00
"score" : 0
2021-03-11 22:09:25 +01:00
} ,
{
"id" : 346816198 ,
2021-04-05 17:10:54 +02:00
"name" : "eeb927d1189ad44742095f58636483984bfbfa355f69f94439e276df306d9568" ,
"full_name" : "raheel0x01\/eeb927d1189ad44742095f58636483984bfbfa355f69f94439e276df306d9568" ,
2021-03-11 22:09:25 +01:00
"owner" : {
"login" : "raheel0x01" ,
"id" : 65211256 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4" ,
"html_url" : "https:\/\/github.com\/raheel0x01"
} ,
2021-04-05 17:10:54 +02:00
"html_url" : "https:\/\/github.com\/raheel0x01\/eeb927d1189ad44742095f58636483984bfbfa355f69f94439e276df306d9568" ,
2021-03-11 22:09:25 +01:00
"description" : "CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server. According to Orange Tsai, the researcher who discovered the vulnerabilities, CVE-2021-26855 allows code execution when chained with CVE-2021-27065 (see below). A successful exploit chain would allow an unauthenticated attacker to \"execute arbitrary commands on Microsoft Exchange Server through only an open 443 port.\" More information and a disclosure timeline are available at https:\/\/proxylogon.com." ,
"fork" : false ,
"created_at" : "2021-03-11T19:35:35Z" ,
2021-04-05 17:10:54 +02:00
"updated_at" : "2021-04-05T12:38:13Z" ,
2021-03-15 04:09:16 +01:00
"pushed_at" : "2021-03-14T23:51:37Z" ,
2021-03-30 17:10:52 +02:00
"stargazers_count" : 10 ,
"watchers_count" : 10 ,
2021-05-11 11:11:30 +02:00
"forks_count" : 4 ,
"forks" : 4 ,
2021-03-30 17:10:52 +02:00
"watchers" : 10 ,
2021-03-11 22:09:25 +01:00
"score" : 0
} ,
{
"id" : 346834084 ,
"name" : "CVE-2021-26855" ,
"full_name" : "hackerschoice\/CVE-2021-26855" ,
"owner" : {
"login" : "hackerschoice" ,
"id" : 57636453 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/57636453?v=4" ,
"html_url" : "https:\/\/github.com\/hackerschoice"
} ,
"html_url" : "https:\/\/github.com\/hackerschoice\/CVE-2021-26855" ,
"description" : "PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github" ,
"fork" : false ,
"created_at" : "2021-03-11T20:51:48Z" ,
2021-05-04 17:11:46 +02:00
"updated_at" : "2021-05-04T10:44:28Z" ,
2021-03-11 22:09:25 +01:00
"pushed_at" : "2021-03-11T20:58:08Z" ,
2021-05-04 17:11:46 +02:00
"stargazers_count" : 49 ,
"watchers_count" : 49 ,
2021-04-29 23:11:07 +02:00
"forks_count" : 30 ,
"forks" : 30 ,
2021-05-04 17:11:46 +02:00
"watchers" : 49 ,
2021-03-12 04:09:39 +01:00
"score" : 0
} ,
{
"id" : 346840803 ,
"name" : "HAFNIUM-Microsoft-Exchange-0day" ,
"full_name" : "SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day" ,
"owner" : {
"login" : "SCS-Labs" ,
"id" : 67705746 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/67705746?v=4" ,
"html_url" : "https:\/\/github.com\/SCS-Labs"
} ,
"html_url" : "https:\/\/github.com\/SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day" ,
"description" : "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065" ,
"fork" : false ,
"created_at" : "2021-03-11T21:18:29Z" ,
2021-04-19 23:11:06 +02:00
"updated_at" : "2021-04-19T19:31:47Z" ,
"pushed_at" : "2021-04-19T19:31:45Z" ,
2021-04-19 11:11:21 +02:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
2021-04-08 05:11:17 +02:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-04-19 11:11:21 +02:00
"watchers" : 5 ,
2021-03-12 10:09:31 +01:00
"score" : 0
} ,
2021-03-12 16:09:21 +01:00
{
"id" : 347064151 ,
"name" : "CVE-2021-26855-Scanner" ,
"full_name" : "KotSec\/CVE-2021-26855-Scanner" ,
"owner" : {
"login" : "KotSec" ,
"id" : 80525807 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/80525807?v=4" ,
"html_url" : "https:\/\/github.com\/KotSec"
} ,
"html_url" : "https:\/\/github.com\/KotSec\/CVE-2021-26855-Scanner" ,
"description" : "Scanner and PoC for CVE-2021-26855 " ,
"fork" : false ,
"created_at" : "2021-03-12T12:47:41Z" ,
2021-03-16 04:09:07 +01:00
"updated_at" : "2021-03-15T23:37:29Z" ,
2021-03-12 16:09:21 +01:00
"pushed_at" : "2021-03-12T12:55:57Z" ,
2021-03-16 04:09:07 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-03-13 16:09:19 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-16 04:09:07 +01:00
"watchers" : 3 ,
2021-03-12 16:09:21 +01:00
"score" : 0
2021-03-14 22:08:23 +01:00
} ,
2021-05-01 11:12:06 +02:00
{
"id" : 347638787 ,
"name" : "proxylogon" ,
"full_name" : "hakivvi\/proxylogon" ,
"owner" : {
"login" : "hakivvi" ,
"id" : 67718634 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/67718634?v=4" ,
"html_url" : "https:\/\/github.com\/hakivvi"
} ,
"html_url" : "https:\/\/github.com\/hakivvi\/proxylogon" ,
"description" : "my exploit for the proxylogon chain (Microsoft Exchange Server - CVE-2021-26855) " ,
"fork" : false ,
"created_at" : "2021-03-14T13:04:07Z" ,
2021-05-02 05:14:27 +02:00
"updated_at" : "2021-05-01T21:34:43Z" ,
2021-05-01 11:12:06 +02:00
"pushed_at" : "2021-05-01T08:25:46Z" ,
2021-05-02 05:14:27 +02:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
2021-05-01 11:12:06 +02:00
"forks_count" : 0 ,
"forks" : 0 ,
2021-05-02 05:14:27 +02:00
"watchers" : 5 ,
2021-05-01 11:12:06 +02:00
"score" : 0
} ,
2021-03-14 22:08:23 +01:00
{
"id" : 347658157 ,
"name" : "Exch-CVE-2021-26855" ,
"full_name" : "ZephrFish\/Exch-CVE-2021-26855" ,
"owner" : {
"login" : "ZephrFish" ,
"id" : 5783068 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4" ,
"html_url" : "https:\/\/github.com\/ZephrFish"
} ,
"html_url" : "https:\/\/github.com\/ZephrFish\/Exch-CVE-2021-26855" ,
"description" : "CVE-2021-26855: PoC (Not a HoneyPoC for once!)" ,
"fork" : false ,
"created_at" : "2021-03-14T14:23:34Z" ,
2021-04-07 11:11:09 +02:00
"updated_at" : "2021-04-07T06:10:35Z" ,
2021-03-15 22:09:09 +01:00
"pushed_at" : "2021-03-15T18:56:38Z" ,
2021-04-07 11:11:09 +02:00
"stargazers_count" : 21 ,
"watchers_count" : 21 ,
2021-04-22 11:11:23 +02:00
"forks_count" : 9 ,
"forks" : 9 ,
2021-04-07 11:11:09 +02:00
"watchers" : 21 ,
2021-03-15 04:09:16 +01:00
"score" : 0
} ,
{
"id" : 347774757 ,
"name" : "ProxyLogon-CVE-2021-26855" ,
"full_name" : "mil1200\/ProxyLogon-CVE-2021-26855" ,
"owner" : {
"login" : "mil1200" ,
"id" : 18125445 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/18125445?v=4" ,
"html_url" : "https:\/\/github.com\/mil1200"
} ,
"html_url" : "https:\/\/github.com\/mil1200\/ProxyLogon-CVE-2021-26855" ,
"description" : "RCE exploit for ProxyLogon vulnerability in Microsoft Exchange" ,
"fork" : false ,
"created_at" : "2021-03-14T22:57:21Z" ,
2021-05-14 23:11:06 +02:00
"updated_at" : "2021-05-14T17:14:26Z" ,
2021-03-15 04:09:16 +01:00
"pushed_at" : "2021-03-14T23:03:12Z" ,
2021-05-14 23:11:06 +02:00
"stargazers_count" : 7 ,
"watchers_count" : 7 ,
"forks_count" : 9 ,
"forks" : 9 ,
"watchers" : 7 ,
2021-03-15 16:09:38 +01:00
"score" : 0
} ,
{
"id" : 347992754 ,
"name" : "CVE-2021-26855-d" ,
"full_name" : "Mr-xn\/CVE-2021-26855-d" ,
"owner" : {
"login" : "Mr-xn" ,
"id" : 18260135 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4" ,
"html_url" : "https:\/\/github.com\/Mr-xn"
} ,
"html_url" : "https:\/\/github.com\/Mr-xn\/CVE-2021-26855-d" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-15T14:03:16Z" ,
2021-03-16 16:10:50 +01:00
"updated_at" : "2021-03-16T12:52:25Z" ,
2021-03-15 16:09:38 +01:00
"pushed_at" : "2021-03-15T14:08:16Z" ,
2021-03-16 16:10:50 +01:00
"stargazers_count" : 5 ,
"watchers_count" : 5 ,
2021-04-14 17:11:24 +02:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-16 16:10:50 +01:00
"watchers" : 5 ,
"score" : 0
} ,
{
"id" : 348253285 ,
"name" : "ProxyLogon" ,
"full_name" : "RickGeex\/ProxyLogon" ,
"owner" : {
"login" : "RickGeex" ,
"id" : 7975904 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4" ,
"html_url" : "https:\/\/github.com\/RickGeex"
} ,
"html_url" : "https:\/\/github.com\/RickGeex\/ProxyLogon" ,
"description" : "ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution." ,
"fork" : false ,
"created_at" : "2021-03-16T07:31:25Z" ,
2021-05-04 23:11:10 +02:00
"updated_at" : "2021-05-04T15:17:14Z" ,
2021-05-01 23:12:06 +02:00
"pushed_at" : "2021-05-01T17:20:15Z" ,
2021-05-04 23:11:10 +02:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-05-20 17:13:03 +02:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-05-04 23:11:10 +02:00
"watchers" : 3 ,
2021-03-16 16:10:50 +01:00
"score" : 0
} ,
{
"id" : 348300485 ,
"name" : "ProxyLogon" ,
"full_name" : "Immersive-Labs-Sec\/ProxyLogon" ,
"owner" : {
"login" : "Immersive-Labs-Sec" ,
"id" : 79456607 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4" ,
"html_url" : "https:\/\/github.com\/Immersive-Labs-Sec"
} ,
"html_url" : "https:\/\/github.com\/Immersive-Labs-Sec\/ProxyLogon" ,
"description" : "Chaining CVE-2021-26855 and CVE-2021-26857 to exploit Microsoft Exchange" ,
"fork" : false ,
"created_at" : "2021-03-16T10:14:56Z" ,
2021-03-24 22:10:24 +01:00
"updated_at" : "2021-03-24T16:54:40Z" ,
2021-03-22 16:11:20 +01:00
"pushed_at" : "2021-03-22T09:22:20Z" ,
2021-03-24 22:10:24 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-03-16 16:10:50 +01:00
"forks_count" : 0 ,
"forks" : 0 ,
2021-03-24 22:10:24 +01:00
"watchers" : 3 ,
2021-03-14 22:08:23 +01:00
"score" : 0
2021-03-16 22:08:58 +01:00
} ,
{
"id" : 348408422 ,
"name" : "Scan-Vuln-CVE-2021-26855" ,
"full_name" : "shacojx\/Scan-Vuln-CVE-2021-26855" ,
"owner" : {
"login" : "shacojx" ,
"id" : 19655109 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4" ,
"html_url" : "https:\/\/github.com\/shacojx"
} ,
"html_url" : "https:\/\/github.com\/shacojx\/Scan-Vuln-CVE-2021-26855" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-16T15:59:17Z" ,
2021-03-20 04:11:50 +01:00
"updated_at" : "2021-03-20T01:39:29Z" ,
2021-03-18 16:09:27 +01:00
"pushed_at" : "2021-03-18T10:52:00Z" ,
2021-03-20 04:11:50 +01:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
"forks_count" : 2 ,
"forks" : 2 ,
"watchers" : 3 ,
2021-03-16 22:08:58 +01:00
"score" : 0
2021-03-17 10:09:30 +01:00
} ,
{
"id" : 348568793 ,
"name" : "ProxyLogon-CVE-2021-26855-metasploit" ,
"full_name" : "TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit" ,
"owner" : {
"login" : "TaroballzChen" ,
"id" : 27862593 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4" ,
"html_url" : "https:\/\/github.com\/TaroballzChen"
} ,
"html_url" : "https:\/\/github.com\/TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit" ,
"description" : "CVE-2021-26855 proxyLogon metasploit exploit script" ,
"fork" : false ,
"created_at" : "2021-03-17T03:32:19Z" ,
2021-05-18 17:11:56 +02:00
"updated_at" : "2021-05-18T10:50:22Z" ,
2021-03-17 10:09:30 +01:00
"pushed_at" : "2021-03-17T05:51:30Z" ,
2021-05-18 17:11:56 +02:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2021-03-21 16:10:35 +01:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-05-18 17:11:56 +02:00
"watchers" : 1 ,
2021-03-17 10:09:30 +01:00
"score" : 0
} ,
{
"id" : 348573564 ,
"name" : "ProxyLogon" ,
"full_name" : "p0wershe11\/ProxyLogon" ,
"owner" : {
"login" : "p0wershe11" ,
"id" : 80803923 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/80803923?v=4" ,
"html_url" : "https:\/\/github.com\/p0wershe11"
} ,
"html_url" : "https:\/\/github.com\/p0wershe11\/ProxyLogon" ,
"description" : "ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)" ,
"fork" : false ,
"created_at" : "2021-03-17T03:56:54Z" ,
2021-05-12 05:11:29 +02:00
"updated_at" : "2021-05-12T02:05:53Z" ,
2021-03-17 10:09:30 +01:00
"pushed_at" : "2021-03-17T05:06:18Z" ,
2021-05-12 05:11:29 +02:00
"stargazers_count" : 58 ,
"watchers_count" : 58 ,
2021-05-20 05:11:36 +02:00
"forks_count" : 18 ,
"forks" : 18 ,
2021-05-12 05:11:29 +02:00
"watchers" : 58 ,
2021-03-18 04:09:15 +01:00
"score" : 0
} ,
{
"id" : 348894495 ,
2021-03-24 16:12:11 +01:00
"name" : "CVE-2021-26855_Exchange" ,
"full_name" : "r0ckysec\/CVE-2021-26855_Exchange" ,
2021-03-18 04:09:15 +01:00
"owner" : {
"login" : "r0ckysec" ,
"id" : 44518337 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/44518337?v=4" ,
"html_url" : "https:\/\/github.com\/r0ckysec"
} ,
2021-03-24 16:12:11 +01:00
"html_url" : "https:\/\/github.com\/r0ckysec\/CVE-2021-26855_Exchange" ,
2021-03-18 04:09:15 +01:00
"description" : "Microsoft Exchange Proxylogon Exploit Chain EXP分析" ,
"fork" : false ,
"created_at" : "2021-03-18T00:44:29Z" ,
2021-03-24 16:12:11 +01:00
"updated_at" : "2021-03-24T10:39:36Z" ,
"pushed_at" : "2021-03-24T10:39:34Z" ,
2021-03-24 04:10:43 +01:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2021-05-11 17:12:55 +02:00
"forks_count" : 2 ,
"forks" : 2 ,
2021-03-24 04:10:43 +01:00
"watchers" : 1 ,
2021-03-17 10:09:30 +01:00
"score" : 0
2021-03-23 10:11:09 +01:00
} ,
2021-04-05 05:11:01 +02:00
{
"id" : 349035798 ,
"name" : "CVE-2021-26855-exploit-Exchange" ,
"full_name" : "shacojx\/CVE-2021-26855-exploit-Exchange" ,
"owner" : {
"login" : "shacojx" ,
"id" : 19655109 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4" ,
"html_url" : "https:\/\/github.com\/shacojx"
} ,
"html_url" : "https:\/\/github.com\/shacojx\/CVE-2021-26855-exploit-Exchange" ,
"description" : null ,
"fork" : false ,
"created_at" : "2021-03-18T10:45:54Z" ,
2021-04-06 05:11:05 +02:00
"updated_at" : "2021-04-06T01:57:31Z" ,
2021-04-05 05:11:01 +02:00
"pushed_at" : "2021-04-05T02:36:51Z" ,
2021-04-06 05:11:05 +02:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2021-04-14 17:11:24 +02:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-04-06 05:11:05 +02:00
"watchers" : 1 ,
2021-04-05 05:11:01 +02:00
"score" : 0
} ,
2021-03-23 10:11:09 +01:00
{
"id" : 350620709 ,
"name" : "CVE-2021-26855-CVE-2021-27065" ,
"full_name" : "hictf\/CVE-2021-26855-CVE-2021-27065" ,
"owner" : {
"login" : "hictf" ,
"id" : 43127173 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/43127173?v=4" ,
"html_url" : "https:\/\/github.com\/hictf"
} ,
"html_url" : "https:\/\/github.com\/hictf\/CVE-2021-26855-CVE-2021-27065" ,
"description" : "analytics ProxyLogo Mail exchange RCE" ,
"fork" : false ,
"created_at" : "2021-03-23T07:37:47Z" ,
2021-03-23 22:13:14 +01:00
"updated_at" : "2021-03-23T19:02:32Z" ,
"pushed_at" : "2021-03-23T19:02:30Z" ,
2021-03-23 10:11:09 +01:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
2021-03-24 04:10:43 +01:00
} ,
{
"id" : 350906098 ,
"name" : "proxylogon-exploit" ,
"full_name" : "praetorian-inc\/proxylogon-exploit" ,
"owner" : {
"login" : "praetorian-inc" ,
"id" : 8173787 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/8173787?v=4" ,
"html_url" : "https:\/\/github.com\/praetorian-inc"
} ,
"html_url" : "https:\/\/github.com\/praetorian-inc\/proxylogon-exploit" ,
"description" : "Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange." ,
"fork" : false ,
"created_at" : "2021-03-24T01:12:48Z" ,
2021-05-27 23:11:42 +02:00
"updated_at" : "2021-05-27T17:55:20Z" ,
2021-03-24 04:10:43 +01:00
"pushed_at" : "2021-03-24T01:25:05Z" ,
2021-05-27 23:11:42 +02:00
"stargazers_count" : 16 ,
"watchers_count" : 16 ,
"forks_count" : 5 ,
"forks" : 5 ,
"watchers" : 16 ,
2021-03-24 04:10:43 +01:00
"score" : 0
2021-03-25 10:10:43 +01:00
} ,
2021-04-06 11:11:12 +02:00
{
"id" : 352785704 ,
"name" : "SharpProxyLogon" ,
"full_name" : "Flangvik\/SharpProxyLogon" ,
"owner" : {
"login" : "Flangvik" ,
"id" : 23613997 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/23613997?v=4" ,
"html_url" : "https:\/\/github.com\/Flangvik"
} ,
"html_url" : "https:\/\/github.com\/Flangvik\/SharpProxyLogon" ,
"description" : "C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection " ,
"fork" : false ,
"created_at" : "2021-03-29T21:10:34Z" ,
2021-05-10 17:11:32 +02:00
"updated_at" : "2021-05-10T12:57:45Z" ,
2021-04-06 11:11:12 +02:00
"pushed_at" : "2021-03-31T11:57:38Z" ,
2021-05-10 17:11:32 +02:00
"stargazers_count" : 130 ,
"watchers_count" : 130 ,
2021-05-04 17:11:46 +02:00
"forks_count" : 20 ,
"forks" : 20 ,
2021-05-10 17:11:32 +02:00
"watchers" : 130 ,
2021-04-14 17:11:24 +02:00
"score" : 0
} ,
{
"id" : 357875949 ,
"name" : "ProxyLogon" ,
"full_name" : "hosch3n\/ProxyLogon" ,
"owner" : {
"login" : "hosch3n" ,
"id" : 29953808 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/29953808?v=4" ,
"html_url" : "https:\/\/github.com\/hosch3n"
} ,
"html_url" : "https:\/\/github.com\/hosch3n\/ProxyLogon" ,
2021-04-16 05:11:02 +02:00
"description" : "CVE-2021-26855 & CVE-2021-27065 Fixed Bug Exploit" ,
2021-04-14 17:11:24 +02:00
"fork" : false ,
"created_at" : "2021-04-14T11:12:30Z" ,
2021-04-19 05:11:01 +02:00
"updated_at" : "2021-04-18T21:38:06Z" ,
2021-04-14 17:11:24 +02:00
"pushed_at" : "2021-04-14T11:19:28Z" ,
2021-04-19 05:11:01 +02:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2021-05-26 23:11:43 +02:00
"forks_count" : 1 ,
"forks" : 1 ,
2021-04-19 05:11:01 +02:00
"watchers" : 3 ,
2021-04-06 11:11:12 +02:00
"score" : 0
2021-04-19 17:11:25 +02:00
} ,
{
"id" : 359403469 ,
"name" : "106362522" ,
"full_name" : "Nick-Yin12\/106362522" ,
"owner" : {
"login" : "Nick-Yin12" ,
"id" : 82452652 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/82452652?v=4" ,
"html_url" : "https:\/\/github.com\/Nick-Yin12"
} ,
"html_url" : "https:\/\/github.com\/Nick-Yin12\/106362522" ,
"description" : "針對近期微軟公布修補遭駭客攻擊的Exchange Server漏洞問題, , , , , ; , , , , , , , , , , ; , , , , , , , , , , ,
"fork" : false ,
"created_at" : "2021-04-19T09:33:52Z" ,
"updated_at" : "2021-04-19T09:35:18Z" ,
"pushed_at" : "2021-04-19T09:35:16Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"forks_count" : 0 ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0
2021-03-03 16:09:26 +01:00
}
]
