Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Token auth and COM forms support #144

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

wolf-mash
Copy link

PR adds support for authenticating to Exchange Online via auth tokens and syncing forms to exploit CVE-2024-21378. A full write up can be found at https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/.

@singe
Copy link
Contributor

singe commented Mar 25, 2024

Thanks, this is awesome. Any chance you could change the PR to remove all the syntax changes. Adding spaces before every comment, and removing spaces (the most prolific "no change" changes, but other smaller ones exist to, like import ordering). That way the specific new/changed code you introduced can be seen?

UPDATE: Leon has schooled me on golint. Currently debating if it would make sense to do a golint commit across the whole repo to save you the effort. Looking for someone to test it our side too.

@staaldraad
Copy link
Collaborator

Really cool @wolf-mash, fantastic (and surprising) to see a variant of the original attack almost 7 years later. Nice work 💪🏼

I've bumped the go version and dependencies, and cleaned up the code with go fmt, which should address the comment by @singe. This will need a rebase, to deal with conflicts, sorry. But in good news, I'm now aware of this and will be able to merge as soon as it is ready 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants