sgteaglefort

Attackers can use Zoom to steal Windows credentials.

Zoom is being used to steal Windows credentials.

 

Original article 

https://www.zdnet.com/article/windows-10-alert-zoom-client-can-leak-your-network-login-credentials/

Quote

On the heels of Zoom's iPhone privacy blunder, a security researcher has found that attackers can use the Zoom Windows client's group chat feature to share links that will leak the Windows network credentials of anyone who clicks on them. 

 

Zoom is again in hot water, this after many turn to it in a time of social distancing.

Link to post

Protip, Google has a "free" service that has higher video quality and is presumably more secure than Zoom. 

 

 

It's great. 100,000 Google employees use it regularly. No one else does, but it works amazing for the people who made it. 


Link to post
11 minutes ago, comander said:

Protip, Google has a "free" service that has higher video quality and is presumably more secure than Zoom. 

I'm sure one out of the 324 Google communication services will be good, the question is whether users will have time to find out which one before they kill it again.

 

 

Regarding Zoom, I first heard about it like two weeks ago as forced remote work kicked in. I think it's the best service I ever used for multi-way meetings in terms of stability and audio/image quality for everyone involved (I think every other service at most dealt with two-way connections, sometimes not even). I guess it was too good to be true: the more I learn about it, the less reliable it seems in every other way.

Link to post
2 hours ago, sgteaglefort said:

Zoom is being used to steal Windows credentials.

 

Original article 

https://www.zdnet.com/article/windows-10-alert-zoom-client-can-leak-your-network-login-credentials/

 

Zoom is again in hot water, this after many turn to it in a time of social distancing.

Isn't there also something regarding how the macOS installer for Zoom operates?


Link to post

 

 

29 minutes ago, BlueChinchillaEatingDorito said:

Isn't there also something regarding how the macOS installer for Zoom operates?

 

 

YES! They prompt for the admin user's password (and do the install) before the user clicks install, when the installer window opens! They have literally done extra work so that the application is installed even if the user clicks cancel on the installer window!

 

Zoom seems to be very poorly developed when it comes to being a good system application.

 

Though I am more worried about Windows: if any application that runs can access credentials, that sounds like a Windows bug; you can't assume every application running on the system can read all the user's passwords. macOS will only let an application read passwords it set into the keychain (even if the user is root); they will be prompted by the system if they want to let this application read other values if the application attempts to read them.

 

Link to post
3 hours ago, BlueChinchillaEatingDorito said:

Isn't there also something regarding how the macOS installer for Zoom operates?

Yes, Zoom is facing many flaws and failures at the moment.

Link to post
On 4/1/2020 at 12:45 PM, comander said:

Protip, Google has a "free" service that has higher video quality and is presumably more secure than Zoom. 

 

 

It's great. 100,000 Google employees use it regularly. No one else does, but it works amazing for the people who made it. 

They have so many that I honestly have no clue which one you're talking about. I stopped using most Google services because they abandon and replace them at an alarming rate.

 

Edit: To me, this sounds more like a flaw with Windows and SMB than with Zoom.

Quote

When someone clicks on the UNC path link, Windows attempts to connect to the remote site using the SMB network file-sharing protocol. And by default, Windows then sends the user's login name and NT Lan Manager (NTLM) credential hash.   Additionally, whenever an SMB connection is made, it may leak the client's IP address, domain name, user name, and host name. 

 

It's also worth noting that Zoom hasn't been used to steal credentials, despite what the OP claims. It's just a possibility.



Link to post
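The quoted passage says the leak happens when someone clicks a UNC path that the chat client showed as a link. As an added example (not from the thread, the article or Zoom's code), here is one way a chat renderer could keep web URLs clickable while leaving SMB-bound paths as inert text; the function names, the `[link]` marker and the sample message are constructed for illustration.

```python
import re

# \\host\share[\path]: the UNC form the quoted article describes.
UNC_RE = re.compile(r"(?<![\w\\])\\\\(?P<host>[^\\/\s]+)\\[^\\/\s]+(?:\\\S*)?")
# file://host/... and file:////host/... also point at a remote share;
# file:///C:/... has an empty host, is local, and is deliberately not matched.
FILE_URL_RE = re.compile(r"(?i)\bfile:(?://|////)(?P<host>[^/\\\s]+)/\S*")
WEB_URL_RE = re.compile(r"(?i)\bhttps?://[^\s<>\"]+")

# Constructed sample chat message (hosts are placeholders, not real systems).
SAMPLE = (r"Agenda: https://intranet.example.test/agenda and notes at "
          r"\\files.example.test\share\notes.txt or "
          r"file://files.example.test/share/a.txt (local: file:///C:/tmp/a.txt)")


def classify_links(message):
    """Return (start, text, action, host) for each link-like token.

    action is "plain_text" for anything that would make Windows open an
    SMB connection when clicked, and "linkify" for ordinary web URLs.
    """
    found = []
    for rx, action in ((UNC_RE, "plain_text"),
                       (FILE_URL_RE, "plain_text"),
                       (WEB_URL_RE, "linkify")):
        for m in rx.finditer(message):
            host = m.groupdict().get("host")  # None for web URLs
            found.append((m.start(), m.group(0), action, host))
    return sorted(found, key=lambda item: item[0])


def render(message):
    """Mark only web URLs as clickable; UNC and file:// hosts stay as text."""
    out, pos = [], 0
    for start, text, action, _host in classify_links(message):
        if start < pos:          # token nested inside one already emitted
            continue
        out.append(message[pos:start])
        # "[link]...[/link]" is a stand-in for whatever the UI uses to
        # make text clickable; it is not HTML-escaped output.
        out.append(f"[link]{text}[/link]" if action == "linkify" else text)
        pos = start + len(text)
    out.append(message[pos:])
    return "".join(out)


if __name__ == "__main__":
    for _start, text, action, host in classify_links(SAMPLE):
        print(f"{action:10} host={host} {text}")
    print(render(SAMPLE))
```

The `host` field is there so the same scan can be run over stored chat logs to list which remote hosts were being pointed at.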

This sounds more like a problem with SMB than with Zoom. Zoom allows SMB links which is bad security practice, I guess.

 

But SMB apparently straight up sends your hashed password across the network for no reason. Why? 

 

Other than that the only credentials the attacker can get is your IP address (which they can also get by linking to a website they host) and your username/Microsoft account name (??) (again, why is this being sent?).

 

If anyone with more SMB knowledge than me knows why this data is being sent, or any more details about what is happening, I'd really appreciate it. I'm quite confused. Also, did I misunderstand anything?


Link to post

i want to honestly see how zoom responds to this. my sisters use it to keep in touch with friends, but they use mac so they may be ok.


Link to post
3 hours ago, mon1ka said:

i want to honestly see how zoom responds to this. my sisters use it to keep in touch with friends, but they use mac so they may be ok.

I mean, I guess it's fixed in the latest update

 

https://9to5mac.com/2020/04/02/zoom-fixes-malware-like-macos-installer/

 

Meet Jitsi is a pretty good option if it's just for keeping in touch with friends.


Link to post
19 hours ago, Philipaustin said:

I have switched to skype and google meets, for better security. 

i use discord and skype personally. mainly because i can trust the companies they're from


Link to post

When it comes out that Zoom is a bag of worms, but you're an undergraduate student whose university forces you to use it.

Link to post

my school district is starting zoom call learning, i'm resisting the urge to send a bunch of articles about this stuff to staff members

 

it's certainly better than skype which is laggy and buggy with choppy audio and unsynchronized video though


Link to post

Seriously, is there anything left that attackers can't access with bloody Zoom??

Link to post
5 hours ago, Gegger said:

my school district is starting zoom call learning, i'm resisting the urge to send a bunch of articles about this stuff to staff members

 

it's certainly better than skype which is laggy and buggy with choppy audio and unsynchronized video though

 

20 minutes ago, 5x5 said:

Seriously, is there anything left that attackers can't access with bloody Zoom??

You should read the article. This is a flaw with SMB (as I explained in a comment above yours), and Zoom hasn't been used to steal any credentials.


Link to post
1 minute ago, JoostinOnline said:

 

You should read the article. This is a flaw with SMB (as I explained in a comment above yours), and Zoom hasn't been used to steal any credentials.

i'm aware of that

 

but still, zoom has a bunch of problems that are hopefully being fixed or are fixed already, on OSX and Binbows

 

and while it hasn't been used to steal any credentials...yet...who knows what other bugs and vulnerabilities zoom has and it's just putting a bad look on their company

 

also it's past 4 am and if i'm not making any sense i'm sorry


Link to post


My workplace switched to Microsoft Teams when the news started to hit. I'm pretty satisfied with it honestly. Also includes slack-like chat functionality and other nice things.


Link to post
38 minutes ago, Energycore said:

My workplace switched to Microsoft Teams when the news started to hit. I'm pretty satisfied with it honestly. Also includes slack-like chat functionality and other nice things.

We use a mix of Slack and Teams; the thing Teams lacks is the ability to draw on someone's screen when they are screen sharing. This is a super useful feature for small-team collaboration: you might say something like `I don't understand this`... and draw on something on their screen. With Teams you end up spending 2 minutes trying to get them to select and understand what it is you want to highlight... very annoying.

Link to post

My doctors here in southeastern Mass use Zoom to remotely meet with patients.

 

I'm so tempted to tell the next one I see that they should stop using it.


Link to post