Source |
CVE Liste |
Identifiant |
4318524 |
Date de publication |
2022-03-21 15:15:07 (vue: 2022-03-21 17:08:35) |
Titre |
CVE-2020-24772 |
Texte |
In Dreamacro 1.1.0, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relayed (using a tool like responder) for code execution (or captured for hash cracking). |
Envoyé |
Oui |
Condensat |
2020 24772 attacker authentication can captured clash client code could cracking crafted cve dreamacro embed execution force hash iframe launch like malicious ntlm open opening perform relayed remote request responder share smb tool url using website when will windows would |
Tags |
Tool
|
Stories |
|
Notes |
|
Move |
|