Leaked Exploit Developed by Haxel0rd
CVE-2022-26134 Tools:
Scan for Confluence RCE CVE-2022-26134
This tool scans if a target is vulnerable to CVE-2022-26134.
Tested on: Windows/Linux, Python 2.7 - 3.x
Dependencies: argparse, requests
Note: Invasive checks (non-destructive RCE performed)
Examples:
python confluenceRCE.py -t
python confluenceRCE.py -t
python confluenceRCE.py -t 127.0.0.1 -p 8090 -c 15 (set timeout)
Exchangy.py Exploit Tool
Purpose:
Quickly gather information on Microsoft Exchange Server versions and patch levels. No authentication required!
Works remotely without logging in
Detects almost all Exchange versions
Bypasses firewall protection and cleansed panels
Tested on Win/Linux, Python 3.7+
Usage examples:
python3 exchangy.py -t mail.someserver.com
python3 exchangy.py -t mail.someserver.com -p 8443
python3 exchangy.py -s (skip online probe)
ShellEX v1.0 - HAFNIUM Vulnerability & Infection Scanner
This tool scans Exchange Servers for CVE-2021-26855 & web shell infections. Designed for mass scanning of targets.
Features:
Detects over 90 shell variants (First wave after Microsoft report)
Multithreaded for mass scanning
Works remotely from a "BlackBox" point of view
Minimal false positives
Smart scanning, saving requests to offline hosts
Examples:
python3 shellEX.py -h (Help page)
python3 shellEX.py -t mail.company.com (Single target)
python3 shellEX.py -i targets.txt -o results.txt (List of targets)
Options & Tweaks:
-h Help page
-x Number of threads
-c Scanning timeout
-a Add custom shells for detection
-t Target URL
-i Input file for list of targets
-o Output file for results
-v Verbose mode
This should be easier to read, more concise, and with a clearer structure. Let me know if this works better for you!
CVE-2022-26134 Tools:
Scan for Confluence RCE CVE-2022-26134
This tool scans if a target is vulnerable to CVE-2022-26134.
Tested on: Windows/Linux, Python 2.7 - 3.x
Dependencies: argparse, requests
Note: Invasive checks (non-destructive RCE performed)
Examples:
python confluenceRCE.py -t
python confluenceRCE.py -t
python confluenceRCE.py -t 127.0.0.1 -p 8090 -c 15 (set timeout)
Exchangy.py Exploit Tool
Purpose:
Quickly gather information on Microsoft Exchange Server versions and patch levels. No authentication required!
Works remotely without logging in
Detects almost all Exchange versions
Bypasses firewall protection and cleansed panels
Tested on Win/Linux, Python 3.7+
Usage examples:
python3 exchangy.py -t mail.someserver.com
python3 exchangy.py -t mail.someserver.com -p 8443
python3 exchangy.py -s (skip online probe)
ShellEX v1.0 - HAFNIUM Vulnerability & Infection Scanner
This tool scans Exchange Servers for CVE-2021-26855 & web shell infections. Designed for mass scanning of targets.
Features:
Detects over 90 shell variants (First wave after Microsoft report)
Multithreaded for mass scanning
Works remotely from a "BlackBox" point of view
Minimal false positives
Smart scanning, saving requests to offline hosts
Examples:
python3 shellEX.py -h (Help page)
python3 shellEX.py -t mail.company.com (Single target)
python3 shellEX.py -i targets.txt -o results.txt (List of targets)
Options & Tweaks:
-h Help page
-x Number of threads
-c Scanning timeout
-a Add custom shells for detection
-t Target URL
-i Input file for list of targets
-o Output file for results
-v Verbose mode
This should be easier to read, more concise, and with a clearer structure. Let me know if this works better for you!