Microsoft Windows .XRM-MS File / NTLM Information Disclosure Spoofing – Full Disclosure

Posted by hyp3rlinx on May 01
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec
[Vendor]
www.microsoft.com
[Product]
.xrm-ms File Type
[Vulnerability Type]
NTLM Hash Disclosure (Spoofing)
[Video URL PoC]
https://www.youtube.com/watch?v=d5U_krLQbNY
[CVE Reference]
N/A
[Security Issue]
The…
– Read More – Full Disclosure