ZITECH

Apple Original

EarPods
Lightning Connector

Special offer till Dec-31
LKR 5750/=

WhatsApp / Call
0766356662

PetitPotam

https://thehackernews.com/2021/07/new-petitpotam-ntlm-relay-attack-lets.html

A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain.

The issue, dubbed "PetitPotam," was discovered by security researcher Gilles Lionel, who shared technical details and proof-of-concept (PoC) code last week, noting that the flaw works by forcing "Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function."

MS-EFSRPC is Microsoft's Encrypting File System Remote Protocol that's used to perform "maintenance and management operations on encrypted data that is stored remotely and accessed over a network."

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains New PetitPotam NTLM Relay Attack Allows Hackers To Take Control Of Windows Domains