Purpose:
There is a new Teams message warning bypass which requires users to send a message and remove themselves from the group chat. The previous bypass was patched by Microsoft which results in external users to receive a warning banner.
TeamsPhisher already invites the user twice, so the only modification was to create a new function. Users of TeamsPhisher may want to keep the message warning depending on the pretext and what they are attempting to accomplish. I have not created an option to do this yet.
Main Change:
Created a new function called removeExternalUser which deletes the "targetInfo" member once a chat is created. This function is called on line 804 once a new real thread/message is sent.
Purpose: There is a new Teams message warning bypass which requires users to send a message and remove themselves from the group chat. The previous bypass was patched by Microsoft which results in external users to receive a warning banner.
TeamsPhisher already invites the user twice, so the only modification was to create a new function. Users of TeamsPhisher may want to keep the message warning depending on the pretext and what they are attempting to accomplish. I have not created an option to do this yet.
Main Change: Created a new function called removeExternalUser which deletes the "targetInfo" member once a chat is created. This function is called on line 804 once a new real thread/message is sent.
removeExternalUser(skypeToken, senderInfo, threadID, targetInfo)Bypass Details pfiatde blog Credit: https://twitter.com/pfiatde Original Tweet: https://x.com/pfiatde/status/1745821948787974481?s=20
Tests Ran:
Assisted by DenSecure team @stevesec and @almart