We covered a scenario where we performed a vulnerability scanning with Nikto on a vulnerable windows machine that led to a full compromise using Microsoft Exchange CVE-2021-34473. This was part of TryHackMe LookBack.

The Lookback company has just started the integration with Active Directory. Due to the coming deadline, the system integrator had to rush the deployment of the environment. Can you spot any vulnerabilities?

Room Answers

What is the service user flag?

What is the user flag?

What is the root flag?

Video Walkthrough

CTF Writeup, CVE, CVE-2021-34473, tryhackme, TryHackMe LookBack, Vulnerability

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

Microsoft Exchange CVE-2021-34473 Exploit | TryHackMe LookBack

Leave a Reply Cancel reply

Motasem

About the Author

Other stories

PHP Static-Eval Exploitation | HackTheBox Baby Breaking Grad

Microsoft Outlook NTLM Vulnerability | CVE-2023-23397 Demo

Press ESC to close

Microsoft Exchange CVE-2021-34473 Exploit | TryHackMe LookBack

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

Other stories

PHP Static-Eval Exploitation | HackTheBox Baby Breaking Grad

Microsoft Outlook NTLM Vulnerability | CVE-2023-23397 Demo