CVE-2024-21413
CRITICAL KEV
Microsoft 365 Apps and Office 2016-2019 - Remote Code Execution via Moniker Link
Title source: llm
Exploitation Summary
CVE-2024-21413 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 6, 2025. EIP tracks 37 public exploits from researchers including xaitax, CMNatic, duy-31.
AI-analyzed exploit summary
This repository contains a functional PoC for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The script crafts a malicious email with a base64-encoded image and a file:// URI link, exploiting Outlook's handling of such links to achieve remote code execution.
Description
Microsoft Outlook Remote Code Execution Vulnerability
Exploits (37)
This repository contains a functional PoC for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The script crafts a malicious email with a base64-encoded image and a file:// URI link, exploiting Outlook's handling of such links to achieve remote code execution.
This repository contains a functional Python exploit for CVE-2024-21413 (MonikerLink), which abuses Microsoft Outlook's handling of 'file://' URIs to achieve remote code execution. The exploit sends a crafted email with a malicious link that triggers SMB/NTLM authentication requests to an attacker-controlled server.
This repository contains a functional exploit PoC for CVE-2024-21413, which leverages Microsoft Outlook's vulnerability to leak credentials and achieve remote code execution when chained with CVE-2023-21716. The exploit uses an Expect script to send a crafted email with a malicious link that triggers credential leakage via SMB.
The repository contains a Python script that sends emails but lacks any exploit code or technical details related to CVE-2024-21413. The README and code are filled with generic features and ASCII art, with no actual vulnerability analysis or exploitation logic.
This repository contains a functional PoC for CVE-2024-21413, a vulnerability in Microsoft Outlook that allows an attacker to send a crafted email with a malicious link, leading to NTLM credential theft via SMB. The script automates the email sending process using telnet and pexpect.
This repository contains a functional Python exploit for CVE-2024-21413 (MonikerLink), which abuses Microsoft Outlook's handling of malicious URLs in emails to achieve remote code execution. The exploit sends a crafted email with a `file://` URL that triggers SMB authentication requests, leading to credential theft or further exploitation.
The repository contains a functional Python script that exploits CVE-2024-21413, a critical RCE vulnerability in Microsoft Outlook. The exploit sends a crafted email with a malicious link attachment, leveraging the MonikerLink vulnerability to bypass Protected View and execute arbitrary code.
This repository contains functional Python scripts to exploit CVE-2024-21413, an Outlook vulnerability that leverages the file:// protocol to trigger SMB connections and capture NTLM credentials. It includes tools for sending malicious emails and capturing hashes via Responder.
The repository claims to provide a PoC for CVE-2024-21413 (Microsoft Outlook RCE via MonikerLink) but lacks actual exploit code. It describes SMTP-based delivery and NTLM leak/RCE capabilities but only includes a README with usage instructions and no functional code.
This repository contains a functional Python script that exploits CVE-2024-21413, a Microsoft Outlook vulnerability involving MonikerLink behavior. The exploit sends a crafted email with a malicious 'file://' hyperlink, triggering an outbound NTLM authentication attempt to an attacker-controlled SMB server, leading to credential leakage.
This repository contains a functional exploit for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The exploit uses a crafted email with a malicious link to trigger remote code execution via a file:// URI handler.
This repository contains a functional PoC for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The script sends a crafted email with an HTML template and uses Impacket to capture NTLM hashes, demonstrating the exploit chain.
This repository contains a functional exploit for CVE-2024-21413, targeting Outlook to leak NTLM hashes via malicious UNC links. It includes Python scripts for SMTP/POP3 servers and an exploit script to send the malicious email.
This repository contains a functional PoC for CVE-2024-21413, a critical RCE vulnerability in Microsoft Outlook. The exploit sends a crafted email with a malicious file:// link that triggers an SMB connection, leaking NetNTLMv2 hashes when the victim interacts with the email.
This repository contains a functional exploit for CVE-2024-21413, which leverages a Moniker Link vulnerability to coerce authentication and capture user hashes via a crafted email. The exploit uses SMTP to deliver an HTML email with a malicious file:// link, requiring user interaction to trigger the vulnerability.
This repository provides a detailed technical analysis of CVE-2024-21413, explaining the Moniker Link vulnerability in Microsoft Outlook, its exploitation mechanism, and mitigation strategies. It includes attack flow diagrams, YARA rules for detection, and hands-on examples for lab environments.
This repository contains a functional PoC for CVE-2024-21413, which exploits a vulnerability in Microsoft Outlook by sending a crafted email with a malicious file:// URL. The exploit leverages SMTP authentication to deliver the payload, triggering remote code execution when the recipient interacts with the email.
This repository provides a detailed technical analysis of CVE-2024-21413, including root cause analysis, CVSS breakdown, and mitigation strategies. It explains how improper input validation in Microsoft Outlook allows NTLM credential leaks via crafted COM Moniker URLs.
This is a detailed technical walkthrough of the HTB 'Mailing' machine, covering multiple vulnerabilities including directory traversal, credential leaks, CVE-2024-21413 (NetNTLMv2 hash capture), and CVE-2023-2255 (LibreOffice macro execution). It provides step-by-step exploitation details, patch analysis, and root cause explanations.
This repository provides a detailed technical walkthrough of exploiting CVE-2024-21413, focusing on NTLM credential theft via moniker link attacks. It includes lab setup, attack execution steps, and challenges encountered during testing.
The repository contains a Python script that sends emails but lacks technical details about CVE-2024-21413. It relies on external configuration and templates, and the README is not provided for further analysis.
This repository provides a detailed technical analysis of CVE-2024-21413 (MonikerLink), explaining how the vulnerability exploits SMB/NTLM for credential theft, the impact of Microsoft's patch, and a lab setup demonstrating the attack using Responder and Hashcat.
This repository provides a detailed technical write-up of CVE-2024-21413, explaining how Microsoft Outlook's improper handling of Moniker Links can lead to NTLMv2 credential leakage. It includes an exploitation process, security impact analysis, and mitigation strategies.
This repository contains a functional PoC for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The script sends a crafted email with an HTML template and uses Impacket to capture NTLM hashes, demonstrating the exploit chain.
The repository provides educational lab notes and a high-level PoC for CVE-2024-21413, detailing how a crafted Moniker Link in Outlook can bypass Protected View and leak netNTLMv2 hashes via SMB authentication attempts. It includes technical context on the attack flow but lacks functional exploit code.
This repository provides a detailed technical analysis of CVE-2024-21413, a Moniker Link vulnerability in Microsoft Outlook that allows bypassing Protected View to leak NTLM hashes. It includes a step-by-step breakdown of the exploit mechanism, detection methods, and mitigation strategies.
This repository contains a functional Python script that exploits CVE-2024-21413, a Microsoft Outlook vulnerability involving Moniker Links. The exploit bypasses Outlook's Protected View by using a crafted 'file://' hyperlink with a '!' character, leading to NTLM credential leakage when the victim clicks the link.
This repository contains a functional Python script that crafts an HTML email with a Moniker Link to trigger an SMB connection from Outlook, allowing the capture of a victim's netNTLMv2 hash via Responder. The PoC includes detailed setup instructions, troubleshooting steps, and screenshots demonstrating the exploit workflow.
This repository provides a detailed technical analysis of CVE-2024-21413, a vulnerability in Microsoft Outlook that bypasses Protected View using Moniker Links to leak NTLM credentials. It includes an explanation of the attack mechanism, tools used, and mitigation strategies.
The repository provides a technical walkthrough of capturing NTLM hashes using Responder and executing phishing attacks via email, demonstrating the exploitation of CVE-2024-21413. It includes detailed steps, commands, and a Python script for sending phishing emails with malicious links.
The repository claims to be an exploit for CVE-2024-21413 but lacks actual exploit code, instead directing users to an external download link. The README is vague and lacks technical details about the vulnerability.
The repository contains no exploit code or technical details, only a vague title suggesting a writeup. The lack of content and reliance on buzzwords indicate a potential social engineering lure.
This PoC exploits CVE-2024-21413, a remote code execution vulnerability in Microsoft Outlook, by sending a crafted email with a malicious HTML payload. The script uses SMTP to deliver the email, which triggers the vulnerability when the recipient opens it.
This repository contains a functional PoC for CVE-2024-21413, a critical RCE vulnerability in Microsoft Windows Outlook. The exploit leverages a crafted email with a malicious link attachment to achieve remote code execution on the victim's machine.
This repository contains a functional exploit for CVE-2024-21413, a Microsoft Outlook RCE vulnerability. The PoC sends a crafted email with a malicious file:// link to trigger the vulnerability, requiring attacker-controlled infrastructure to achieve code execution.
This repository contains a functional exploit for CVE-2024-21413, which involves sending a crafted email with a malicious link to trigger NTLMv2 hash capture via Responder. The exploit leverages Outlook's handling of file:// URIs to bypass security warnings.
This repository contains a functional exploit PoC for CVE-2024-21413, leveraging PHPMailer to craft a malicious email that triggers an SMB connection to an attacker-controlled server, exfiltrating Windows credentials via NTLM authentication.
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H