CVE-2020-1472接管域控制器

是否存在漏洞

https://github.com/SecuraBV/CVE-2020-1472

利用

https://github.com/dirkjanm/CVE-2020-1472

需最新版impacket

https://github.com/SecureAuthCorp/impacket

参考

https://www.secura.com/blog/zero-logon

So yes, Zerologon (CVE-2020-1472) is quite easy to exploit. Unauthenticated user to Domain Admin. This is really scary. Run exploit, DCSync with DC account and empty NT hash: you have Domain Admin and a broken DC.
Awesome find by Tom Tervoort 🙂. Patch patch patch! pic.twitter.com/XHRO7n50Qh

— Dirk-jan (@_dirkjan) September 14, 2020

a bruteforce of netlogon activity is not triggering a simgle event in this log :D, added example of netlogon logs in the EVTX repo for CVE-2020-1472 (ZeroLogon)https://t.co/E06FFC5dmehttps://t.co/C6nbXxMsc1 pic.twitter.com/AkpW3DmbeF

— Samir (@SBousseaden) September 12, 2020