npub1ed2usjtwygcddv2cgeuspwl2td38vh9qejnaa5w7sq020hh7s25s4d9yw0 (npub1ed2…9yw0) : not taking into account that I strongly advise against using weak MFA (because it it not phishing-resistant and comes with a lot of disadvantages nobody wants anyone to know about):
yes.
See https://www.oasis.security/resources/blog/oasis-security-research-team-discovers-microsoft-azure-mfa-bypass (yesterday).
Source: https://infosec.exchange/@AAKL/113634744971043868
In short (if I understand correctly) Microsoft's servers would accept codes in a time window for upto 3 minutes. This enabled the researchers to conduct a brute force attack.
#WeakMFA #Weak2FA #TOTP #SMS #Voice #MFA #2FA #AitM #MitM #EvilProxy #Evilginx2
Erik van Straten /
npub1yz…ql3r7
2024-12-12 19:12:20
in reply to nevent1q…tjj0
Author Public Key
npub1yzfshvmugq4nd4jhwve7hhwqzvvt7g9g23sharz5f5wdvg65r92qhql3r7Published at
2024-12-12 19:12:20Event JSON
{
"id": "b40b20fc46a5f20f46a82fe73a8286efb7e274fabe49c71a2113ab2f7d9df366",
"pubkey": "20930bb37c402b36d6577333ebddc01318bf20a854617e8c544d1cd623541954",
"created_at": 1734030740,
"kind": 1,
"tags": [
[
"p",
"cb55c8496e2230d6b158467900bbea5b62765ca0cca7ded1de801ea7defe82a9",
"wss://nostr.sprovoost.nl"
],
[
"p",
"42374285b0d23b2131dae4ec785e07ce3dbce6301e1d2c8cfbfc041b1faee0ca",
"wss://nostr.sprovoost.nl"
],
[
"e",
"3fb2370fef2dd9afec57cc1004b1a19dc7b4d5d1ae9fbfb4ea548cfe39bdec8b",
"wss://nostr.sprovoost.nl",
"reply"
],
[
"t",
"weakmfa"
],
[
"t",
"weak2fa"
],
[
"t",
"totp"
],
[
"t",
"sms"
],
[
"t",
"voice"
],
[
"t",
"mfa"
],
[
"t",
"2fa"
],
[
"t",
"AiTM"
],
[
"t",
"mitm"
],
[
"t",
"evilproxy"
],
[
"t",
"Evilginx2"
],
[
"proxy",
"https://infosec.exchange/users/ErikvanStraten/statuses/113641438623429359",
"activitypub"
]
],
"content": "nostr:npub1ed2usjtwygcddv2cgeuspwl2td38vh9qejnaa5w7sq020hh7s25s4d9yw0 : not taking into account that I strongly advise against using weak MFA (because it it not phishing-resistant and comes with a lot of disadvantages nobody wants anyone to know about):\n\nyes.\n\nSee https://www.oasis.security/resources/blog/oasis-security-research-team-discovers-microsoft-azure-mfa-bypass (yesterday).\nSource: https://infosec.exchange/@AAKL/113634744971043868\n\nIn short (if I understand correctly) Microsoft's servers would accept codes in a time window for upto 3 minutes. This enabled the researchers to conduct a brute force attack.\n\n#WeakMFA #Weak2FA #TOTP #SMS #Voice #MFA #2FA #AitM #MitM #EvilProxy #Evilginx2",
"sig": "1eb749b76997438aebd8b0cea26b139f051a3bc4db8fc587cd1713fb819936d1d35f3b54c95de414d00c83af79a18caf8c65b2e717fd4c3d09665901bfafe2c1"
}