*TL;DR:* SMB Relay + LNK UNC icons = internal pentest pwnage
I need to touch on the highlights of two vulnerabilities before we talk about the fun stuff, but I highly encourage you to read the references at the bottom of this post and understand the vulnerabilities after you are done with my little trick, as you might find one of your own.
MS08_068: http://www.cvedetails.com/cve/CVE-2008-4037/
In 2008, Microsoft released MS08_068 which patched the “SMB Relay” attack.![]()
![]()
![]()
![]()
![]()
↧