This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021! Please visit the following link to read that :)
If you are interesting in more Exchange Server attacks, you can also check our series of articles:
- A New Attack Surface on MS Exchange Part 1 - ProxyLogon!
- A New Attack Surface on MS Exchange Part 2 - ProxyOracle!
- A New Attack Surface on MS Exchange Part 3 - ProxyShell!
- A New Attack Surface on MS Exchange Part 4 (coming soon…)
With ProxyShell, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server through an exposed 443 port! Here is the demonstration video: