Loading video...

Video Failed to Load

Go Home

Lotta chatter around #ScreenConnect vulnerabilities now as folks are getting spun up. Fellow Huntress researchers and I were up all night to recreate the auth bypass and RCE exploit. I'm not a huge fan of giving a PoC to threat actors, but I do dig snazzy video demos 😜

79,092 views • 2 years ago •via X (Twitter)

10 Comments

mRr3b00t's profile picture
mRr3b00t2 years ago

@HuntressLabs nice work

John Hammond's profile picture
John Hammond2 years ago

@HuntressLabs

Ahmet Göker🇹🇷🇳🇱's profile picture
Ahmet Göker🇹🇷🇳🇱2 years ago

@HuntressLabs I like the big icon for Chrome and the trash😁 Most likely for an attacker role or for being a hunter.🧛‍♂️

geech 👽👾's profile picture
geech 👽👾2 years ago

@HuntressLabs Instructions unclear, sewed a connectwise patch onto my backpack

jacob klein's profile picture
jacob klein2 years ago

@HuntressLabs Is the bypass exploit on http/https port or via relay port?

Ed Targett's profile picture
Ed Targett2 years ago

@HuntressLabs Nice work John; seen some shoutous on the r/msp too for your team's work. Is public exposure still roughly in the 5k instance range do you know?

Haroon's profile picture
Haroon2 years ago

@HuntressLabs ☝️ 👍

Empez's profile picture
Empez2 years ago

@HuntressLabs youre awesome Sir! thank you!

Saxhornet 🎷🇮🇱🇫🇷🇺🇸🇷🇺's profile picture
Saxhornet 🎷🇮🇱🇫🇷🇺🇸🇷🇺2 years ago

@HuntressLabs Excellent 👌 wonderful 🤓

Saxhornet 🎷🇮🇱🇫🇷🇺🇸🇷🇺's profile picture
Saxhornet 🎷🇮🇱🇫🇷🇺🇸🇷🇺2 years ago

@HuntressLabs Where is the code ? To see how it works

Related Videos