Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-1040 PoC — Windows NTLM Tampering Vulnerability

Source
https://github.com/QAX-A-Team/dcpwn
Associated Vulnerability
Title:Windows NTLM Tampering Vulnerability (CVE-2019-1040)
Description:A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature. The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
Description
an impacket-dependent script exploiting CVE-2019-1040
Readme
# dcpwn
an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

![Alt text](https://github.com/QAX-A-Team/dcpwn/blob/main/1.jpeg)

by taking a closer look you'll find the very technique for utilising the vulnerability slightly different to what common belief is.
File Snapshot

 [4.0K]  /data/pocs/1ef5720f737d068c3ab92e03ed644fcfaf52fd8e
├── [ 97K]  1.jpeg
├── [ 78K]  dcpwn.py
└── [ 353]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →