Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature.The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
No PoCs from references.
- https://github.com/0xMrNiko/Awesome-Red-Teaming
- https://github.com/0xT11/CVE-POC
- https://github.com/20142995/sectool
- https://github.com/5l1v3r1/CVE-2019-1041
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Amar224/Pentest-Tools
- https://github.com/AnonVulc/Pentest-Tools
- https://github.com/Ascotbe/Kernelhub
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CougarCS-InfoSec/PwnAtlas
- https://github.com/Cruxer8Mech/Idk
- https://github.com/EASI-Sec/EasiWeapons.sh
- https://github.com/ErdemOzgen/ActiveDirectoryAttacks
- https://github.com/EvilAnne/2019-Read-article
- https://github.com/FDlucifer/Proxy-Attackchain
- https://github.com/GhostTroops/TOP
- https://github.com/Gl3bGl4z/All_NTLM_leak
- https://github.com/H1CH444MREB0RN/PenTest-free-tools
- https://github.com/HackingCost/AD_Pentest
- https://github.com/ImranTheThirdEye/AD-Pentesting-Tools
- https://github.com/IvanVoronov/0day
- https://github.com/JERRY123S/all-poc
- https://github.com/JFR-C/Windows-Penetration-Testing
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/Kahvi-0/PrinterSpray
- https://github.com/Maxvol20/respoder_ntlm
- https://github.com/Mehedi-Babu/pentest_tools_repo
- https://github.com/MizaruIT/PENTAD-TOOLKIT
- https://github.com/MizaruIT/PENTADAY_TOOLKIT
- https://github.com/MrPWH/Pentest-Tools
- https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense
- https://github.com/QAX-A-Team/dcpwn
- https://github.com/R0B1NL1N/AD-Attack-Defense
- https://github.com/Ridter/CVE-2019-1040
- https://github.com/Ridter/CVE-2019-1040-dcpwn
- https://github.com/Ridter/RelayX
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/S3cur3Th1sSh1t/Pentest-Tools
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Waseem27-art/ART-TOOLKIT
- https://github.com/Whiteh4tWolf/Attack-Defense
- https://github.com/X-The-Mystic/xframe
- https://github.com/XTeam-Wing/Hunting-Active-Directory
- https://github.com/YellowVeN0m/Pentesters-toolbox
- https://github.com/Zamanry/OSCP_Cheatsheet
- https://github.com/ZyberPatrol/Active-Directory
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/aymankhder/AD-attack-defense
- https://github.com/bhataasim1/AD-Attack-Defence
- https://github.com/botesjuan/PenTestMethodology
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/elinakrmova/RedTeam-Tools
- https://github.com/emtee40/win-pentest-tools
- https://github.com/fox-it/cve-2019-1040-scanner
- https://github.com/geeksniper/active-directory-pentest
- https://github.com/getanehAl/Windows-Penetration-Testing
- https://github.com/hack-parthsharma/Pentest-Tools
- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
- https://github.com/hangchuanin/Intranet_penetration_history
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hegusung/netscan
- https://github.com/hktalent/TOP
- https://github.com/iamramahibrah/AD-Attacks-and-Defend
- https://github.com/infosecn1nja/AD-Attack-Defense
- https://github.com/jared1981/More-Pentest-Tools
- https://github.com/jbmihoub/all-poc
- https://github.com/kdandy/pentest_tools
- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
- https://github.com/lazaars/UltraRealy_with_CVE-2019-1040
- https://github.com/lp008/Hack-readme
- https://github.com/merlinepedra/Pentest-Tools
- https://github.com/merlinepedra25/Pentest-Tools
- https://github.com/merlinepedra25/Pentest-Tools-1
- https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense
- https://github.com/nadeemali79/AD-Attack-Defense
- https://github.com/nccgroup/Change-Lockscreen
- https://github.com/nitishbadole/Pentest_Tools
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/orgTestCodacy11KRepos110MB/repo-3423-Pentest_Note
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/pathakabhi24/Pentest-Tools
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/pjgmonteiro/Pentest-tools
- https://github.com/preempt/ntlm-scanner
- https://github.com/reewardius/0day
- https://github.com/retr0-13/AD-Attack-Defense
- https://github.com/retr0-13/Pentest-Tools
- https://github.com/select-ldl/word_select
- https://github.com/severnake/Pentest-Tools
- https://github.com/shantanu561993/DomainUserToDomainAdminTechniques
- https://github.com/snovvcrash/WeaponizeKali.sh
- https://github.com/sunzu94/AD-Attack-Defense
- https://github.com/suzi007/RedTeam_Note
- https://github.com/svbjdbk123/ReadTeam
- https://github.com/tataev/Security
- https://github.com/tempiltin/active-directory_pentest
- https://github.com/theguly/stars
- https://github.com/theyoge/AD-Pentesting-Tools
- https://github.com/trganda/starrlist
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/wzxmt/CVE-2019-1040
- https://github.com/xiaoy-sec/Pentest_Note
- https://github.com/xthemystik/xframe
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
- https://github.com/yovelo98/OSCP-Cheatsheet
- https://github.com/zer0yu/Intranet_Penetration_CheetSheets
- https://github.com/zer0yu/RedTeam_CheetSheets
- https://github.com/zha0/WeaponizeKali.sh