2 matches found
Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)
!/usr/bin/env python3 -- coding: utf-8 -- standard modules from metasploit import module extra modules DEPENDENCIESMISSING = False try: import base64 import itertools import os import requests except ImportError: DEPENDENCIESMISSING = True Metasploit Metadata metadata = 'name': 'Microsoft RDP Web...
U.S. Dept Of Defense: [HTA2] XXE on https://███ via SpellCheck Endpoint.
A full read XXE vulnerability was discovered on a website via the SpellCheck endpoint, allowing an attacker to read local files, make HTTP requests to internal applications and read the responses, steal NTLM hashes, and also completely deny service to the application...