all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Relaying NTLM to MSSQL

Add to bookmarks
Oct. 10, 2023, 7 a.m. | Sylvain Heiniger

Compass Security Blog blog.compass-security.com

Readers of this blog probably know that I like to try NTLM relaying over all protocols possible! Relaying to Microsoft SQL (MSSQL) is known to work when using the default weak configuration.

With this blog post, we show some dangerous configurations and release a small tool to automate NTLM relaying in these cases.

blog blog post cases configuration default microsoft microsoft sql mssql ntlm penetration test protocols relay relaying release research sql tool windows work

Visit resource

More from blog.compass-security.com / Compass Security Blog

How to become a Hacker 1 week, 4 days ago | blog.compass-security.com
compass computer computer science eth +13
Bug Bounty: Insights from Our First-hand Experience 3 weeks, 4 days ago | blog.compass-security.com
blog blog posts bounties bounty +26
New Burp Extension: JWT-scanner 1 month, 1 week ago | blog.compass-security.com
application applications article authentication +20
Behind The Scenes Of Ransomware Attacks 1 month, 3 weeks ago | blog.compass-security.com
apt attacks big blog +10
Pwn2Own Toronto 2023: Part 5 – The Exploit 2 months ago | blog.compass-security.com
buffer buffer overflow buffer overflow vulnerability camera +20
Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis 2 months ago | blog.compass-security.com
analysis corruption internet of things manage +9
Pwn2Own Toronto 2023: Part 3 – Exploration 2 months ago | blog.compass-security.com
authentication can code code execution +19
Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface 2 months ago | blog.compass-security.com
aim attack attack surface blog +16
Pwn2Own Toronto 2023: Part 1 – How it all started 2 months, 1 week ago | blog.compass-security.com
analysts blog blog post camera +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com