{"version":"1.0","provider_name":"HITBSecConf2023 - Phuket","provider_url":"https:\/\/conference.hitb.org\/hitbsecconf2023hkt","title":"How NTLM Relay Ruins Your Exchange Servers - HITBSecConf2023 - Phuket","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"4Al1XroD4K\"><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2023hkt\/session\/how-ntlm-relay-ruins-your-exchange-servers\/\">How NTLM Relay Ruins Your Exchange Servers<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/conference.hitb.org\/hitbsecconf2023hkt\/session\/how-ntlm-relay-ruins-your-exchange-servers\/embed\/#?secret=4Al1XroD4K\" width=\"600\" height=\"338\" title=\"&#8220;How NTLM Relay Ruins Your Exchange Servers&#8221; &#8212; HITBSecConf2023 - Phuket\" data-secret=\"4Al1XroD4K\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script>\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n<\/script>\n","description":"NTLM Relay is a classic attack against Windows systems. Although proposed many years ago, it is still a hot topic among red teams, especially in Active Directory environments. Exchange Server, as the most widely used mail server in the world, has also attracted more and more attention from attackers, many Exchange 0days with great impact [&hellip;]"}