Reading Outlook using Metasploit | forsec
Tags
| attack-pattern: | Data Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | c315c8c0-e397-4044-91c4-8420187a82a4 |
| Fingerprint | 86212e1a04a3bb44 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 8, 2014, 8:47 p.m. |
| Added to db | Jan. 18, 2023, 9:44 p.m. |
| Last updated | Nov. 18, 2024, 8:35 a.m. |
| Headline | Reading Outlook using Metasploit |
| Title | Reading Outlook using Metasploit | forsec |
| Detected Hints/Tags/Attributes | 16/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://forsec.nl/2014/12/reading-outlook-using-metasploit/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 18 | microsoft.office |
|
| Details | Domain | 1 | acc.name |
|
| Details | Domain | 4129 | github.com |
|
| Details | File | 3 | _.html |
|
| Details | File | 1 | user32.mov |
|
| Details | File | 1 | outlook.rb |
|
| Details | File | 1 | outlook.ps1 |
|
| Details | Github username | 46 | rapid7 |
|
| Details | Url | 1 | https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/gather/outlook.rb |
|
| Details | Url | 1 | https://github.com/rapid7/metasploit-framework/blob/master/data/post/powershell/outlook.ps1 |