I Need Hack - Hacking Tutorials, News, Tips
Microsoft Exchange AutoDiscover Design Flaw: The Great Leak

by Ineedhack
December 1, 2022
in Hacking Tutorials

Researchers discovered a design flaw in Microsoft Exchange’s Autodiscover protocol. It allowed them to obtain 372,072 Windows domain credentials as well as 96,671 distinct sets of credentials from third-party email client applications like Microsoft Outlook. Amit Serper, who discovered the problem, said that the two main issues are the design of the Autodiscover protocol, specifically its “back-off” algorithm, and poor implementation in certain applications.

An attacker who can sniff network traffic or take control of specific domains can capture domain credentials in plain text (HTTP Basic authentication). This is a serious security problem. Additionally, attackers can use large-scale DNS poisoning attacks to collect domain credentials, compromising security for many companies.

Autodiscover builds a list of candidate endpoints from the domain name, at the locations where an autodiscover.xml file is usually found. When configuring an email account, the email client constructs URLs in the following formats:

  • https://autodiscover.domain.com/autodiscover/autodiscover.xml
  • http://autodiscover.domain.com/autodiscover/autodiscover.xml
  • https://domain.com/autodiscover/autodiscover.xml
  • http://domain.com/autodiscover/autodiscover.xml

If none of these endpoints respond, the “back-off” procedure is initiated. This is the flaw in the design. Once all of the endpoints have failed, the next attempt to retrieve autodiscover.xml is made against:

http://Autodiscover.com/Autodiscover/Autodiscover.xml

The owner of the autodiscover.com domain therefore receives all requests that could not reach their original domains. The researchers registered several Autodiscover domains under different TLDs, such as Autodiscover.fr and Autodiscover.com.co. They then pointed them at a web server, where significant numbers of Autodiscover requests came in with an Authorization header. These requests came from a variety of verticals, including investment banks, power plants, and manufacturing firms.

Figure: Requests broken down. Source: Guardicore.

To mitigate the security problem, organizations can create their own Autodiscover domains and also block any other Autodiscover.TLD domains in local DNS or at the firewall. Poor implementation of the Autodiscover protocol in email clients can also cause security issues. Software vendors can avoid this issue by not allowing the application to fall through to the “back-off” step in which autodiscover.TLD domains are constructed. System administrators need to disable Basic authentication on Microsoft Exchange servers, so that credentials are not sent over the network in clear text, where they are easy to intercept.
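The back-off behaviour and the DNS/firewall mitigation described above can be checked against proxy logs. The following is an added example, not code from Guardicore or from the original article: it assumes the back-off can be modelled by dropping the leftmost label of the mail domain, and the log format, `example.com` and the sample lines are constructed for illustration.

```python
from urllib.parse import urlsplit

PATH = "/autodiscover/autodiscover.xml"

def candidate_urls(email):
    """The four endpoints the article lists, in the order they are tried."""
    domain = email.rsplit("@", 1)[1].lower()
    hosts = ["autodiscover." + domain, domain]
    return [f"{scheme}://{h}{PATH}" for h in hosts for scheme in ("https", "http")]

def backoff_url(email):
    """URL built once every candidate has failed (simplified model, an assumption)."""
    domain = email.rsplit("@", 1)[1].lower()
    if "." not in domain:
        raise ValueError("need a domain with at least two labels")
    parent = domain.split(".", 1)[1]          # example.com -> com
    return f"http://autodiscover.{parent}{PATH}"

def is_external_autodiscover(host, owned_domains):
    """True for autodiscover.* hosts that are not under a domain we own."""
    host = host.lower().rstrip(".")
    if not host.startswith("autodiscover."):
        return False
    return not any(host.endswith("." + d.lower()) for d in owned_domains)

def flag_requests(log_lines, owned_domains):
    """Scan 'time client method url auth-scheme' lines for leaking requests."""
    findings = []
    for line in log_lines:
        ts, client, _method, url, auth = line.split()
        host = urlsplit(url).hostname or ""
        if is_external_autodiscover(host, owned_domains):
            findings.append({
                "time": ts,
                "client": client,
                "host": host,
                "basic_auth_sent": auth.lower() == "basic",
                "cleartext": url.lower().startswith("http://"),
            })
    return findings

# Constructed sample proxy log (not real traffic).
SAMPLE_LOG = [
    "2022-12-01T09:00:01Z 10.0.0.15 POST https://autodiscover.example.com/autodiscover/autodiscover.xml basic",
    "2022-12-01T09:00:03Z 10.0.0.15 POST http://autodiscover.com/Autodiscover/Autodiscover.xml basic",
    "2022-12-01T09:00:09Z 10.0.0.22 GET http://autodiscover.com.co/autodiscover/autodiscover.xml none",
    "2022-12-01T09:00:12Z 10.0.0.22 GET https://www.example.org/ none",
]

if __name__ == "__main__":
    for url in candidate_urls("user@example.com") + [backoff_url("user@example.com")]:
        print("client would try:", url)
    for hit in flag_requests(SAMPLE_LOG, ["example.com"]):
        print("block/investigate:", hit)
```

Any finding with `basic_auth_sent` set means a client has already sent credentials outside the organization, so the affected account's password should be treated as exposed.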


Conclusion

It is crucial to be aware that domain credentials are commonly used to log into an Exchange-based mailbox. If domain credentials are compromised on a large scale, the impact can be devastating, especially if 2FA isn’t configured. It can lead to financial loss for the target company. A compromised business email account can give access to sensitive information in the mailbox and allow passwords to be reset. Leaked domain credentials can also be used to establish a foothold on the network through internet-exposed services like SSL VPN and Remote Desktop Gateways (yes, RDP gateways are still available!), or possibly through unpatched Exchange servers.

You can find more information about the researcher who found the fault in Microsoft Exchange AutoDiscover here.


Testing Microsoft Exchange

Do you want to learn more about Microsoft Exchange penetration testing? Keep checking the Hacking Tutorials website for updates as we work on an Exchange penetration testing tutorial series.
