CVE-2025-33073 : la VULN 2025 la plus FLIPPANTE ? (NTLM Reflection)

Today, we review the attack discovered by Synacktiv (Wilfried Bécard & Guillaume André) on June 11, 2025: exploiting a local NTLM relay via a DNS record to relaunch authentication on the same machine (NTLM reflection). 🔍 On the agenda: 00:00 - Introduction & Background: Why this vulnerability is scary 00:54 - Review of NTLM, relays, and reflection attacks 01:38 - Review of existing protections and historical patches 02:40 - Accidental discovery of CVE-2025-33073 03:47 - Exploit demonstration (PetitPotam + ntlmrelayx) 06:40 - Why the SYSTEM token is wrongly granted 09:00 - Step-by-step attack scenario 11:05 - Impacts for administrators and real risks 12:35 - Defenses to implement: patches, SMB signing, audits 13:40 - Microsoft's reaction and June 2025 patch 15:10 - Conclusion & tips for staying protected Video on Pass The Hash:    • HACKER sans MOT DE PASSE : L’attaque PASS ...   Video on NTLM Relay:    • PIRATER une entreprise en 15 MIN : LLMNR S...   =[ Socials ]= → Discord:   / discord   → My X:   / fransosiche   =[ Sources ]= → https://www.synacktiv.com/en/publicat... → https://www.tiraniddo.dev/ #cybersecurity #security #getstarted #hacking #hacker #tutorial #FR #french #training #defensive #SOC #hacker #CVE2025 #NTLMReflection #CyberSecurity #SMBSigning #Kerberos #MicrosoftPatch #Synacktiv #ActiveDirectory #Pentest #NetworkSecurity