13 September 2023

Security I Trust

Helping you build Security and Trust

Hot to user Nmap to scan Microsoft Exchange servers for “ProxyNoShell”, 2022-40140 & CVE-2022-41082

1 min read

Hot to user Nmap to scan Microsoft Exchange servers for “ProxyNoShell”, 2022-40140 & CVE-2022-41082

1. Install Nmap on your computer
2. Go to https://github.com/CronUp/Vulnerabilidades/blob/main/proxynotshell_checker.nse
3. Copy the script content in a notepad file and save it as proxynotshell_checker.nse (I always use Notepad++)
4. Open a Command prompt window (Dos Box for those who still remember using DOS)
5. Enter the follow command

nmap -T4 -O -A -v –script “C:\\temp\\Nmap\\proxynotshell_checker.nse” 192.168.1.1

6. Press enter to start Nmap

C:\\temp\\Nmap\\proxynotshell_checker.nse (This is the directory where I saved the script)
192.168.1.1 (You need to replace this IP address with the IP of your exchange server)

If your Exchange Server is vulnerable you will see results similar to this