Hacking a Company with 0-Click Email Attack | #phishing #redteam
As a penetration tester or red teamer, one of the methods of breaking into a company is #phishing and using this 0-click phishing attack it is possible to grab a user’s NetNTLMv2 hash which you can relay or crack to escalate privileges or move laterally through the network. This attack could be useful on a #redteam engagement.
————————————
Social Media Links
————————————
Twitter: https://twitter.com/MantisSTS
Twitch: https://twitch.tv/MantisSTS
GitHub: https://github.com/MantisSTS
Song: Valence – Infinite [NCS Release]
Music provided by NoCopyrightSounds
Free Download/Stream: http://ncs.io/infinite
Watch: http://youtu.be/QHoqD47gQG8
by Mantis
linux smtp server
During some of our IR scenarios we have seen ransomware operators employ this attack when they compromise the public-facing local exchange server to capture additional credentials. We simply blocked all outbound SMB / WinRM / RPC communications to the internet and removed all local exchange servers to force all login interfaces via Entra ID where we can employ MFA / Conditional Access Etc.
Whats ur discord
Why it will authentic to outside smb server with its 365 credentials
But wht need of ntlm hash for downloading image.
And why someone will send ntlm hash pf their office 366 password itself so tht we are able to open their email account
Excellent
Can this method only be used in Outlook or can it be used in Gmail as well?
Is it not patched yet?
is it condition target is needed Version SMBv1? for doing Relaying Attack?
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Since 1 year I am searching tutorials to learn website hacking penetration testing and bug bounty hunting and now by chance I came to your channel. Alas 👍💎DIAMONDS💎 like you are always hidden… Brother, Please do grant us the knowledge about core website hacking and web bug bounty hunting programmes. Brother believe me 🎓MENTORS like you born in centuries. You are a living LEGEND👑 for all H3ck3rs n new born bug bounty hunters. 👑 Love U 😘 Respect U 😍 Salute U 👑 🤝❤💚💙🌺⚘🌷👌👍
is the email.html a attachment?
this is work on ngrok?
Great video man, there is not much red team videos on here. Keep sharing when you find other great stuff
Hello bro are we able to talk?
I will pay you $1k so you can stop making those useless tutorials and quit YouTube.
this was a great one bro! short and sweet but well explained and covering lots of useful info 🙂 one small suggestion; I would maximise VMWare for video and just use the tabs at the top to swap between VMs.