This exploit leverages an Information Disclosure vulnerability in Microsoft Outlook. By sending a mail crafting a malicious path, an attacker can coerce authentication to an untrusted server and steal NTLM hashes. This exploit does not install an agent, it manages to obtain the NTML hash of a legitimate user.
CVE Link
Exploit Platform
Exploit Type
Product Name