Open pwnf opened 6 months ago
Octoberfest7
commented
6 months ago There is a 'revert_bypass' branch I threw together for this purpose a bit ago. I'll merge it in eventually, along with addressing outstanding pull requests, hopefully in the near future after some other work is complete.
er4z0r
commented
3 months ago So from looking at the code in the branch, this just removes the code that removes the user after sending the message.
Does this basically mean that currently there is no (public) bypass for the the "external user" warning?
Octoberfest7
commented
3 months ago That is correct, the revert_bypass branch simply makes it so targets can choose to view the message again, whereas in the main branch because the user is removed they are unable to interact with the message. I haven't merged it into main because I lack another account to test with.
Looks like the splash screen bypass has once again been patched by Microsoft reducing the effectiveness of TeamsPhisher.
Now when you remove the victim from the group they are only able to preview the message and the button for clicking through the splash screen is greyed out.
Given reliance is once again on the user to click through the splash screen and they can't be removed - I do wonder if its better to revert TeamsPhisher back to just messaging a user without adding them to a group at all.