6 matches found
New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain
A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...
PetitPotam
Coerce an authentication attempt over SMB to other machines via MS-EFSRPC methods. Module Options msf > use auxiliary/scanner/dcerpc/petitpotam msf auxiliary(petitpotam) > show actions ...actions... msf auxiliary(petitpotam) > set ACTION msf auxiliary(petitpotam) > show options ...show and set options... msf...
MultiPotato - Another Potato to get SYSTEM via SeImpersonate privileges
First of all - credit to @splintercode & @decoderit for RoguePotato, as this code is heavily based on it. This is just another Potato to get SYSTEM via SeImpersonate privileges. But this one is different in that it doesn't contain any SYSTEM auth trigger for weaponization. Instead the code can be...
Microsoft Active Directory Certificate Services NTLM Relay (CVE-2021-36942; CVE-2022-26925)
An NTLM relay vulnerability exists in Microsoft Active Directory Certificate Services. A remote attacker can coerce Windows hosts to authenticate to other machines via the MS-EFSRPC protocol and obtain their NTLM credentials. Successful exploitation could lead to complete takeover of the target domain...
Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC
Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager (NTLM)...
New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains
A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The...