AD Common Vulnerablities

Abusing ZeroLogon

We set up the domain controller password as null

LogoWhat Is Zerologon?Trend Micro
LogoGitHub - dirkjanm/CVE-2020-1472: PoC for Zerologon - all research credits go to Tom Tervoort of SecuraGitHub
exploit
LogoGitHub - SecuraBV/CVE-2020-1472: Test tool for CVE-2020-1472GitHub
SecuraBV ZeroLogon Checker
scanning
Attacking
checking if attack is succesful
Restore Password

PrintNightmare (CVE-2021-1675)

LogoGitHub - cube0x0/CVE-2021-1675: C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527GitHub
cube0x0 RCE
LogoGitHub - calebstewart/CVE-2021-1675: Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)GitHub
calebstewart LPE
scanning for if vulnerable

Make a malicious dll

share the directory

Exploitation

PreviousSilver TicketNextBleeding Edge Vulnerabilities

Last updated