proxyshell-poc icon indicating copy to clipboard operation
proxyshell-poc copied to clipboard

Published 20 hours ago verified publisher icon dmaasland

XML ParseError error

Open xElkomy opened this issue 3 years ago • 9 comments

Anyone can fix this error ?!

Traceback (most recent call last):
  File "proxyshell_rce.py", line 369, in <module>
    main()
  File "proxyshell_rce.py", line 349, in main
    exploit(proxyshell)
  File "proxyshell_rce.py", line 179, in exploit
    proxyshell.get_legacydn()
  File "proxyshell_rce.py", line 117, in get_legacydn
    autodiscover_xml = ET.fromstring(r.content)
  File "/usr/lib/python3.8/xml/etree/ElementTree.py", line 1321, in XML
    return parser.close()
xml.etree.ElementTree.ParseError: no element found: line 1, column 0

xElkomy avatar Aug 15 '21 21:08 xElkomy

Are you sure the server you're testing against is vulnerable?

dmaasland avatar Aug 16 '21 07:08 dmaasland

Are you sure the server you're testing against is vulnerable?

The error on any site vulnerable or not ksnip_20210816-093239

My python version is 3.9.5

xElkomy avatar Aug 16 '21 07:08 xElkomy

This is a totally different error. Please add this to line 116 and share the output after running the script again:

print(r.status_code, r.headers, r.content)

dmaasland avatar Aug 16 '21 07:08 dmaasland

Done print the response now ksnip_20210816-100441

xElkomy avatar Aug 16 '21 08:08 xElkomy

Your exchange version is 15.1.2308.14. Also known as Exchange 2016 CU21:

https://exchangeserverversions.blogspot.com/2016/01/exchange-server-2016.html

This version is not vulnerable: https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2016-july-13-2021-kb5004779-81e40da3-60db-4c09-bf11-b8c1e0c1b77d

dmaasland avatar Aug 16 '21 08:08 dmaasland

X-OWA-Version: 15.1.225.42 I also encountered the same problem, is there vulnerability in my version?

zhinianyuxin0o0 avatar Aug 17 '21 07:08 zhinianyuxin0o0

Hi, I have the same problem tested this POC in multiple older versions but getting same error.

Traceback (most recent call last): File "C:\Users\chirag\Desktop\Hacking Learning\proxyshell-poc\proxyshell_rce.py", line 364, in main() File "C:\Users\chirag\Desktop\Hacking Learning\proxyshell-poc\proxyshell_rce.py", line 349, in main exploit(proxyshell) File "C:\Users\chirag\Desktop\Hacking Learning\proxyshell-poc\proxyshell_rce.py", line 179, in exploit proxyshell.get_legacydn() File "C:\Users\chirag\Desktop\Hacking Learning\proxyshell-poc\proxyshell_rce.py", line 117, in get_legacydn autodiscover_xml = ET.fromstring(r.content) File "C:\Users\chirag\AppData\Local\Programs\Python\Python39\lib\xml\etree\ElementTree.py", line 1347, in XML parser.feed(text) xml.etree.ElementTree.ParseError: syntax error: line 1, column 0

1st Tested in /owa/auth/15.0.1497/ 2nd Tested in /owa/14.3.513.0/

Thank You!

Sachinart avatar Aug 17 '21 11:08 Sachinart

I got the same error (tested 15.0.1497 & 15.0.1044)

Wayc0des-Land avatar Aug 18 '21 18:08 Wayc0des-Land

That error means that either:

  1. The server isn't vulnerable
  2. The email address is incorrect

Nothing I can do about it.

dmaasland avatar Aug 18 '21 18:08 dmaasland