PROXYTOKEN: AN AUTHENTICATION BYPASS IN MICROSOFT EXCHANGE SERVER by Simon Zuckerbraun
With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to arbitrary users, for example copying all emails addressed to a target account and forwarding them to an attacker-controlled account. The vulnerability arises due to the authentication module not being loaded on the back end.
Contents: • The Trigger • Understanding the Root Cause • Bagging a Canary • Conclusion
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...