JOIN BREACHFORUMS TELEGRAM
POC + Exploit CVE-2023-23397
by Farfallaiero - Wednesday December 13, 2023 at 05:23 PM
I Am Become Death; Destoyer of Worlds
God
Posts: 42
Threads: 11
Joined: Oct 2023
Reputation: 250

GOD
#1
Dec 13, 2023, 05:23 PM
CVE-2023-23397 is a vulnerability in MS Outlook that allows an attacker to potentially exfil user authentication details. The vulnerability relates to the the ability for an attacker to specify a UNC path in the "ReminderSoundFile" property within an email/meeting invite - when the reminder triggers in Outlook, the user's Outlook client attempts to load the sound file specified in the path. If Outlook attempts to initiate an SMB connection to a remote SMB server, it might be possible for the attacker to intercept the user's Net-NTLMv2 hash and relay this to authenticate as the user.




Hidden Content
You must register or login to view this content.
0D|nS3c
Reply
Elite User

Posts: 146
Threads: 12
Joined: Aug 2023
Reputation: 0
#2
Jan 01, 2024, 01:23 PM
very fun to look at these!
Reply
Advanced User

Posts: 70
Threads: 2
Joined: Sep 2023
Reputation: 0
#3
Jan 04, 2024, 11:35 AM
Hope this work good sir thank you ?
Reply
Breached
Member
Posts: 9
Threads: 0
Joined: Nov 2023
Reputation: 0
#4
Feb 08, 2024, 05:58 AM
Thanks for sharing
Reply
Breached
Member
Posts: 2
Threads: 0
Joined: Feb 2024
Reputation: 0
#5
Feb 12, 2024, 11:06 AM
smell me mayne....
Reply
Breached
Member
Posts: 14
Threads: 0
Joined: Dec 2023
Reputation: 0
#6
Feb 14, 2024, 07:28 AM
Thanks for sharing
Reply
Breached
Member
Posts: 4
Threads: 0
Joined: Mar 2024
Reputation: 0
#7
Mar 03, 2024, 02:01 AM
(Dec 13, 2023, 05:23 PM)Farfallaiero Wrote: CVE-2023-23397 is a vulnerability in MS Outlook that allows an attacker to potentially exfil user authentication details. The vulnerability relates to the the ability for an attacker to specify a UNC path in the "ReminderSoundFile" property within an email/meeting invite - when the reminder triggers in Outlook, the user's Outlook client attempts to load the sound file specified in the path. If Outlook attempts to initiate an SMB connection to a remote SMB server, it might be possible for the attacker to intercept the user's Net-NTLMv2 hash and relay this to authenticate as the user.

w bro i mean this is a really cool thing yk my nigga
Reply
Breached
Member
Posts: 9
Threads: 1
Joined: Mar 2024
Reputation: 0
#8
Mar 04, 2024, 04:50 PM
thank you bro good post
Reply
Advanced User

Posts: 98
Threads: 3
Joined: Oct 2023
Reputation: 30
#9
Mar 04, 2024, 09:00 PM
am aware all the payload needs is just a "!" to break shit lol
Reply
Breached
Member
Posts: 11
Threads: 0
Joined: Mar 2024
Reputation: 0
#10
Mar 28, 2024, 06:43 AM
Much appreciation! Stellar job! You're absolutely amazing.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  {SECRET} DATABASE OF EXPLOITS lulagain 432 25,349 Today, 12:12 AM
Last Post: fokfdo223
  New Zer0 Day Wordpress A3g00n 79 2,985 Yesterday, 04:09 PM
Last Post: baku
  new wordpress website takeover vuln (video + poc ) zinzeur 314 28,020 Yesterday, 03:54 PM
Last Post: baku
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 66 2,993 Apr 29, 2026, 08:51 PM
Last Post: Yjuddur
  Acunetix Premium Cracked v24 Full Activated A3g00n 22 1,348 Apr 29, 2026, 09:22 AM
Last Post: Usercomplex

Forum Jump:


 Users browsing this forum: 1 Guest(s)