Zero Day Initiative - Exploiting Exchange PowerShell After ProxyNotShell: Part 3 - DLL Loading Chain for RCE
Briefly

Three vulnerabilities, CVE-2023-36744, CVE-2023-36777, and CVE-2023-36745, chain together to enable remote code execution in Microsoft Exchange.
CVE-2023-36745 uses a single-argument constructor in a specific Exchange class to load a DLL from an attacker-controlled location, highlighting the potential for privilege escalation.
The vulnerabilities are presented methodically, showing the thought process behind chaining them together and the technical depth and strategic considerations involved in the exploitation.
The talk at OffensiveCon is both an informative session and an important resource for understanding the intricacies of exploiting Microsoft Exchange PowerShell Remoting.
Read at Zero Day Initiative