{"uuid": "fcb51c3a-850e-4d4f-8122-4579d75cd8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31207", "type": "exploited", "source": "https://t.me/Linux_Arabs/60", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 BlackByte \u062a\u0642\u0648\u0645 \u0628\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0627\u062a ProxyShell \u0641\u064a \u062e\u0627\u062f\u0645 Microsoft Exchange \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0634\u0628\u0643\u0627\u062a \u0627\u0644\u0634\u0631\u0643\u0627\u062a\n_ \u0641\u064a \u062a\u0642\u0631\u064a\u0631 \u0645\u0641\u0635\u0644 \u0639\u0646 Red Canary \u062d\u0644\u0644 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u0647\u062c\u0648\u0645 BlackByte Ransomware \u0648\u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0644\u062b\u063a\u0631\u0629 ProxyShell \u0644\u062a\u062b\u0628\u064a\u062a web shells \u0639\u0644\u0649 \u062e\u0627\u062f\u0645 Exchange \u0645\u064f\u062e\u062a\u0631\u0642\n\nRed Canary\nhttps://redcanary.com/blog/blackbyte-ransomware\n\nBleeping Computer\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-blackbyte-ransomware\n\n#ProxyShell #exploit #CVE-2021-31207 dCVE-2021-34523 #CVE-2021-34473\nProxyShell #poc\nhttps://github.com/dmaasland/proxyshell-poc\n\nProxyShell poc Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)\nhttps://github.com/ktecv2000/ProxyShell\n\n#poc for scanning ProxyShell\nhttps://github.com/mithridates1313/ProxyShell_POC\n\nAutomatic ProxyShell #Exploit\nhttps://github.com/Udyz/proxyshell-auto", "creation_timestamp": "2024-11-02T22:56:11.000000Z"}