all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Relaying NTLM to MSSQL

Add to bookmarks
Oct. 10, 2023, 7 a.m. | Sylvain Heiniger

Compass Security Blog blog.compass-security.com

Readers of this blog probably know that I like to try NTLM relaying over all protocols possible! Relaying to Microsoft SQL (MSSQL) is known to work when using the default weak configuration.

With this blog post, we show some dangerous configurations and release a small tool to automate NTLM relaying in these cases.

blog blog post cases configuration default microsoft microsoft sql mssql ntlm penetration test protocols relay relaying release research sql tool windows work

Visit resource

More from blog.compass-security.com / Compass Security Blog

New Burp Extension: JWT-scanner 1 week, 2 days ago | blog.compass-security.com
application applications article authentication +20
Behind The Scenes Of Ransomware Attacks 3 weeks, 2 days ago | blog.compass-security.com
apt attacks big blog +10
Pwn2Own Toronto 2023: Part 5 – The Exploit 1 month ago | blog.compass-security.com
buffer buffer overflow buffer overflow vulnerability camera +20
Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis 1 month ago | blog.compass-security.com
analysis corruption internet of things manage +9
Pwn2Own Toronto 2023: Part 3 – Exploration 1 month ago | blog.compass-security.com
authentication can code code execution +19
Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface 1 month ago | blog.compass-security.com
aim attack attack surface blog +16
Pwn2Own Toronto 2023: Part 1 – How it all started 1 month, 1 week ago | blog.compass-security.com
analysts blog blog post camera +13
Manipulating LLMs – How to confuse ChatGPT 1 month, 2 weeks ago | blog.compass-security.com
ai algorithm chatgpt data +13
Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany 2 months ago | blog.compass-security.com
apt attacks components control +29

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs