forked from p15670423/monkey
1.0 KiB
1.0 KiB
| title | date | draft | tags | ||
|---|---|---|---|---|---|
| Zerologon | 2021-01-31T19:46:12+05:30 | false |
|
The Zerologon exploiter exploits CVE-2020-1472.
This exploiter is unsafe.
- It will temporarily change the target domain controller's password.
- It may break the target domain controller's communication with other systems in the network, affecting functionality.
It is, therefore, not enabled by default.
Description
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC).
To download the relevant security update and read more, click here.
Notes
- The Infection Monkey exploiter implementation is based on implementations by @dirkjanm and @risksense.