GITHUB-passtheticket/CVE-2024-38200

GITHUB html WORKING POC

Exploit for CVE-2024-43609 - Microsoft 365 Apps - Information Disclosure

AI Analysis

The repository contains a functional exploit for CVE-2024-43609, which leverages Office URI schemes to capture NTLMv2 hashes over HTTP via a 302 redirect to a UNC path. The `uncredirect.py` script facilitates this attack by redirecting HTTP requests to a Responder-controlled UNC path, enabling NTLM relay attacks.

Attack Type

info_leak

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1187 - Forced Authentication T1557.001 - LLMNR/NBT-NS Poisoning and SMB Relay

Loading exploit code...

Download ZIP Password: eip

Source

Platform Github

Type poc

Language html

Files 3

https://github.com/passtheticket/CVE-2024-38200

Stars 146

Forks 27

Last Push Jan 13, 2025

Authors

passtheticket

Vulnerability

CVE-2024-43609

Microsoft 365 Apps - Information Disclosure

MEDIUM

CVSS 6.5