Attack: RCE via CVE-2018-0886

Wishlist-type idea

It's possible to RCE a server via MITM of CredSSP auth.

References:
* https://support.microsoft.com/en-us/topic/credssp-updates-for-cve-2018-0886-5cbf9e5f-dc6d-744f-9e97-7ba400d6d3ea
* CredSSP Spec: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-cssp/85f57821-40bb-46aa-bfcb-ba9590b8fc30
* Exploit demo: https://www.youtube.com/watch?v=VywB2_o9Tsk
* Exploit blog (from wayback machine): https://web.archive.org/web/20201210213109/https://www.preempt.com/blog/ms-rdp-credssp-vulnerability/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Attack: RCE via CVE-2018-0886 #480

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Attack: RCE via CVE-2018-0886 #480

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions