Fun with Autodiscover
by geshem - September 23, 2021 at 05:57 PM
#1
Interesting attack using Autodiscover. Turns out the protocol leaks requests outside of the user's domain, but in the same TLD. Registering domain as an attack vector:

https://twitter.com/nullenc0de/status/14...7236508675
https://www.guardicore.com/labs/autodisc...reat-leak/

 Users browsing this thread: 1 Guest(s)