JOIN BREACHFORUMS TELEGRAM
POC + Exploit CVE-2023-23397
by Farfallaiero - Wednesday December 13, 2023 at 05:23 PM
Breached
Member
Posts: 7
Threads: 0
Joined: Dec 2024
Reputation: 0
#21
Dec 28, 2024, 12:37 PM
(Dec 13, 2023, 05:23 PM)Farfallaiero Wrote: CVE-2023-23397 is a vulnerability in MS Outlook that allows an attacker to potentially exfil user authentication details. The vulnerability relates to the the ability for an attacker to specify a UNC path in the "ReminderSoundFile" property within an email/meeting invite - when the reminder triggers in Outlook, the user's Outlook client attempts to load the sound file specified in the path. If Outlook attempts to initiate an SMB connection to a remote SMB server, it might be possible for the attacker to intercept the user's Net-NTLMv2 hash and relay this to authenticate as the user.

kind of looks fun
Reply
Banned

Posts: 39
Threads: 0
Joined: Jan 2025
Reputation: 0
#22
Feb 17, 2025, 07:32 PM
I will try this vulnerability.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  {SECRET} DATABASE OF EXPLOITS lulagain 432 25,315 5 hours ago
Last Post: fokfdo223
  New Zer0 Day Wordpress A3g00n 79 2,966 Yesterday, 04:09 PM
Last Post: baku
  new wordpress website takeover vuln (video + poc ) zinzeur 314 28,007 Yesterday, 03:54 PM
Last Post: baku
  Google Dorks for finding SQL injection vulnerabilities and other security issues 1yush 66 2,981 Apr 29, 2026, 08:51 PM
Last Post: Yjuddur
  Acunetix Premium Cracked v24 Full Activated A3g00n 22 1,340 Apr 29, 2026, 09:22 AM
Last Post: Usercomplex

Forum Jump:


 Users browsing this forum: 1 Guest(s)