| 1 | + | $target = "mail.local" |
| 2 | + | try |
| 3 | + | { |
| 4 | + | $webtest = Invoke-WebRequest -uri "https://$target/autodiscover" |
| 5 | + | } |
| 6 | + | catch |
| 7 | + | { |
| 8 | + | Write-Host $_.ErrorDetails.Message; |
| 9 | + | $Failure = $_.Exception.Response |
| 10 | + | $Failure.Headers.tostring() |
| 11 | + | } |
| 12 | + | |
| 13 | + | try |
| 14 | + | { |
| 15 | + | $webtest = invoke-webrequest -uri "https://$target/autodiscover/[email protected]/owa/&Email=autodiscover/[email protected]&Protocol=XYZ&FooProtocol=Powershell" |
| 16 | + | } |
| 17 | + | catch |
| 18 | + | { |
| 19 | + | $Failure = $_.Exception.Response |
| 20 | + | $Failure.Headers.tostring() |
| 21 | + | $Failure.Headers.tostring() | findstr /I "X-OWA-Version" |
| 22 | + | $Failure.Headers.tostring() | findstr /I "X-FEServer" |
| 23 | + | if($Failure.Headers -contains "X-FEServer") |
| 24 | + | { |
| 25 | + | write-host "Poentially vulnerable to CVE-2022-40140 & CVE-2022-41082" -ForegroundColor Red |
| 26 | + | } |
| 27 | + | |
| 28 | + | |
| 29 | + | } |
| 30 | + | |