2 writeups tagged with NTLM Relay
CVE-2025-24071 abuses .searchConnector-ms files to capture NTLMv2 hashes. Relay attack and ADCS ESC4 escalate to Domain Admin.
hMailServer path traversal leaks admin hash. Outlook CVE-2024-21413 moniker link attack for NTLM relay, WinPEAS finds privesc vector.
