POC + Exploit CVE-2023-23397
by Farfallaiero - Wednesday December 13, 2023 at 05:23 PM
Breached
Member
Posts: 5
Threads: 0
Joined: Mar 2024
Reputation: 0

#11
03-28-2024, 03:03 PM
(12-13-2023, 05:23 PM)Farfallaiero Wrote: CVE-2023-23397 is a vulnerability in MS Outlook that allows an attacker to potentially exfil user authentication details. The vulnerability relates to the the ability for an attacker to specify a UNC path in the "ReminderSoundFile" property within an email/meeting invite - when the reminder triggers in Outlook, the user's Outlook client attempts to load the sound file specified in the path. If Outlook attempts to initiate an SMB connection to a remote SMB server, it might be possible for the attacker to intercept the user's Net-NTLMv2 hash and relay this to authenticate as the user.

thankssssssssssssssssssss
Reply
Breached
Member
Posts: 19
Threads: 0
Joined: Apr 2024
Reputation: 0

#12
04-23-2024, 01:32 PM
thank you so much
Reply
Breached
Member
Posts: 5
Threads: 0
Joined: May 2024
Reputation: 0

#13
05-29-2024, 07:40 AM
let me see, what is this///
Reply
Breached
Member
Posts: 2
Threads: 0
Joined: Jun 2024
Reputation: 0

#14
06-22-2024, 09:28 AM
thx you good job
Reply
Breached
Member
Posts: 7
Threads: 1
Joined: Jul 2024
Reputation: 0

#15
11-13-2024, 09:48 PM
yo thank you man
Reply
Banned

Posts: 26
Threads: 0
Joined: Mar 2024
Reputation: 0

#16
11-14-2024, 12:38 AM
Great, thank you so much
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 6
Threads: 0
Joined: Nov 2024
Reputation: 20

#17
11-14-2024, 12:59 AM
thank you man........
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Attempted Scamming | Public Source Code /Thread-SELLING-Smoke-bot-panel-source-code | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 21
Threads: 0
Joined: Jul 2024
Reputation: 0

#18
12-12-2024, 04:46 AM
(12-13-2023, 05:23 PM)Farfallaiero Wrote: CVE-2023-23397 is a vulnerability in MS Outlook that allows an attacker to potentially exfil user authentication details. The vulnerability relates to the the ability for an attacker to specify a UNC path in the "ReminderSoundFile" property within an email/meeting invite - when the reminder triggers in Outlook, the user's Outlook client attempts to load the sound file specified in the path. If Outlook attempts to initiate an SMB connection to a remote SMB server, it might be possible for the attacker to intercept the user's Net-NTLMv2 hash and relay this to authenticate as the user.

thank you bro for this
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
Reply
MVP User
MVP
Posts: 72
Threads: 3
Joined: Jun 2024
Reputation: 50

#19
12-12-2024, 06:01 PM
Thank you so much friend
Reply
I Did It My Way

Posts: 214
Threads: 65
Joined: Aug 2024
Reputation: 467

#20
12-20-2024, 07:48 AM
This is amazing, nice job!
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Self-Ban | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you wish to be unbanned in the future.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Help Microsoft Teams Gif Exploit guniess0x 0 5 Yesterday, 10:30 AM
Last Post: guniess0x
  new wordpress website takeover vuln (video + poc ) zinzeur 313 27,280 03-28-2026, 02:43 AM
Last Post: toshi99
  [POC] Google OAuth "MultiLogin" endpoint 0-day Farfallaiero 106 13,202 02-10-2026, 03:34 PM
Last Post: birhikayemvar
  Ban Any Discord Exploit PhineasFisher 6 297 02-08-2026, 11:49 PM
Last Post: skype
  Cool Remote Patching ETW/Amsi PoC pepeloco 6 2,094 02-08-2026, 07:58 AM
Last Post: zeroday99



 Users browsing this thread: