Outgoing NTLM traffic to remote servers, win logins exposed [your logins]

September 30, 2018

more than a decade old problem....windows 10...default settings...issue not much talked about any longer (nsa and quite a few others all over the globe - happy...)
it is a very serious flaw, severely dangerous...privacy breached (vpns wont help you), credentials compromise...so damn easy.

with firefox e.g. go here and have fun:
witch.valdikss.org.ru

with ms edge:
https://msleak.perfect-privacy.com/

and many other ways (nefariously crafted pdfs, doc files, remote content in emails...those are the simplest.....i can do it)

for the truly curious:
https://www.bleepingcomputer.com/news/security/understanding-the-windows-credential-leak-flaw-and-how-to-prevent-it/

stealing ntlm hashes, thus getting your win login data - with all the consequences u can and cannot imagine.
one solution, love you microsoft:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers

Sign In

Outgoing NTLM traffic to remote servers, win logins exposed [your logins]

Recommended Posts

calvin-dim

Link to comment

Share on other sites

Archived

Recently Browsing 0 members

nsane.down

News

Browse

Activity