Love letters from the red team: from e-mail to NTLM hashes with Microsoft Outlook

fisherman for blog

  Introduction A few months ago Will Dormann of CERT/CC published a blog post [1] describing a technique where an adversary could abuse Microsoft Outlook together with OLE objects, a feature of Microsoft Windows since its early days, to force the operating system to leak Net-NTLM hashes. Last year we wrote a blog post [2] […]