Sending a GIF was enough to hack any Teams user

Published 2020-04-28 on affinite.fr (http://www.affinite.fr/index.php/2020/04/28/envoyer-un-gif-suffisait-pour-pirater-nimporte-quel-utilisateur-de-teams/), reproduced from 01net.

Among communication services, Zoom (https://www.01net.com/actualites/zoom-5-bonnes-raisons-de-ne-pas-utiliser-ce-service-de-visioconference-1888182.html) is not the only one with security problems. Microsoft's Teams also suffered from a particularly nasty flaw. Discovered by Omer Tsarfati, a security researcher at CyberArk, the vulnerability made it possible to access any user's account and copy all of their messages.

The flaw lay partly in poor handling of the access tokens used for images, and partly in the existence of misconfigured Microsoft subdomains that could be taken over. By combining the two, an attacker only had to create an image on one of those subdomains, a funny GIF for example, and send it to a Teams user. The moment the user views the image, their access tokens are delivered to the attacker's servers without anyone noticing. With those tokens, the attacker can then access all of the victim's Teams content and can also impersonate them.

Omer Tsarfati (@OmerTsarfati), April 27, 2020, on Twitter (https://twitter.com/OmerTsarfati/status/1254688634860535810):
"Check out my write-up about an account takeover vulnerability I found in Microsoft Teams. By sending a GIF, you could get access to the user's data and "ultimately take over an organization's entire roster of Teams accounts". https://t.co/CLMBHiPcdE pic.twitter.com/2xGLuzwygK"

CyberArk alerted Microsoft on March 23. The vendor fixed the configuration of the vulnerable subdomains the same day. Patches were subsequently deployed on the Teams service itself as well.

Source: https://www.01net.com/actualites/envoyer-un-gif-suffisait-pour-pirater-n-importe-quel-utilisateur-de-teams-1903084.html