The Vulnerability: The Zerologon exploit (CVE-2020-1472)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472
Find DC name
set logonserver
Ping DC name
ping <DC Name>
Install a test environment on a Linux machine
git clone https://github.com/SecuraBV/CVE-2020-1472
cd Downloads/CVE-2020-1472-master
sudo python3 zerologon_tester.py <Domain Controller Name> <IP>
Result
-> “Attack failed. Target is probably patched.”
or
-> “Success! DC can be fully compromised by a Zerologon attack.”
The sample output:
Comments
Post a Comment