Back to directory
WRITEUP #63

NTLM Credential Theft in Python Windows Applications

SSRFNTLMv2 hash disclosureNTLMSecurity code review
byNaveen Sunkavally
Program
PythonHugging Face (Gradio)WerkzeugJupyterSnowflake (Streamlit)
Published
Aug 23, 2024
Added to HackDex
Aug 26, 2024
Read Full Writeuphttps://www.horizon3.ai/attack-research/disclosures/ntlm-credential-theft-in-python-windows-applications/
RELATED WRITEUPS
IIS welcome page to source code review to LFI!
SSRFLFI
CVE-2024-38428 Wget Vulnerability: All you need to know
SSRFMiTM
Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent
SSRFSecurity code review
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization

Built with ❤️ by Shubham Rawat