[enhancement] Support access to SMB over QUIC (Windows 11 & Windows Server 2022) #16
Comments
|
I've opened a discussion about this: #18 |
p0dalirius
added
enhancement
p0dalirius
changed the title
|
Update 221012. Akamai Security did apparently find a coercing vulnerability in SMB over QUIC in April. They have now released this POC for exploiting that. However, MS patched the vulnerability in July. Still, maybe the information and code can be valuable. |
|
@jsdhasfedssad I will take an in-depth look at this after BlackHat Europe, and I will try to include it in Coercer if possible :) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I see you are planning to add more coercing methods in version 2.0 which is great! Have you heard about NTLMQUIC available and running by default on Windows 11 and Windows Server 2022? TrustedSec describes this in this post and their tools are available here.
Apparently PetitPotam can be used to coerce NTLMQUIC but that also involves additional tools which is not very clean. Is it at all possible to improve this so that all that is needed to coerce NTLMQUIC is your tool? If so, would you be willing to support this?
Thanks!
The text was updated successfully, but these errors were encountered: