Microsoft Outlook CVE-2023-23397 Exploit

Microsoft Outlook CVE-2023-23397 Exploit

vPython by Prapattimynk

CVE-2023-23397 previewThis CVE aimed to retrieve NetNTLM hash logged in user from Microsoft Outlook client version 2016 except last patched version.Steps to reproduce and successful exploitationDownlo

Android Android 5.0Exploits And POCs
( 193 ratings )
Price: $0
File Microsoft Outlook CVE-2023-23397 Exploit
Publisher Prapattimynk
Genre Exploits And POCs
Size -
File Type Python
Os All
Mod Version Python
Report Report
Microsoft Outlook CVE-2023-23397 Exploit is the most famous version in the Microsoft Outlook CVE-2023-23397 Exploit series of publisher
Download

CVE-2023-23397 preview

This CVE aimed to retrieve NetNTLM hash logged in user from Microsoft Outlook client version 2016 except last patched version.

Steps to reproduce and successful exploitation

  • Download any sound file to smb machine which will be deployed as SMB share.
  • Start smb share.
  • Create an applointment in MS Outlook. In home menu New Item -> Appointment. Below Time Zone icon placed ahcor hyperlink with sound reminder. Click on it, add sound file from smb share. Add recipients with Invite attendees button.
  • Send message
  • First hash will be received from user who create an appointment and added sound file from share. Next hashes will be from users who OPEN invitation.

About exploit

How to run

python3 exploit.py -p 192.168.0.5 -f recipients.txt

Help menu with description.

python3 exploit.py -h

Exploit was written for mass delivery test and works with chance 50/50. This is because Python library independentsoft.msg for creating appointment and objects for Outlook attaches file as message and MS Outlook recognizes it not as native. That’s why retrieving hash not always completing successfully.

Limitations

During test I faced with some technical hicaps and limitations. The are:

  • limitations for mass email delivery
  • network limitations
  • weak connection
  • self-signed certificate or security limitations for certificate validation


Recommended for You

You may also like

Comments

Your email address will not be published. Required fields are marked *

Next Post X
Ads Blocker Image Powered by Code Help Pro

AdBlocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.