是否存在漏洞
https://github.com/SecuraBV/CVE-2020-1472
利用
https://github.com/dirkjanm/CVE-2020-1472
需最新版impacket
https://github.com/SecureAuthCorp/impacket
参考
https://www.secura.com/blog/zero-logon
So yes, Zerologon (CVE-2020-1472) is quite easy to exploit. Unauthenticated user to Domain Admin. This is really scary. Run exploit, DCSync with DC account and empty NT hash: you have Domain Admin and a broken DC.
Awesome find by Tom Tervoort 🙂. Patch patch patch! pic.twitter.com/XHRO7n50Qh— Dirk-jan (@_dirkjan) September 14, 2020
a bruteforce of netlogon activity is not triggering a simgle event in this log :D, added example of netlogon logs in the EVTX repo for CVE-2020-1472 (ZeroLogon)https://t.co/E06FFC5dmehttps://t.co/C6nbXxMsc1 pic.twitter.com/AkpW3DmbeF
— Samir (@SBousseaden) September 12, 2020
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论