AD Common Vulnerablities

Abusing ZeroLogon

We set up the domain controller password as null

What Is Zerologon?Trend Micro

GitHub - dirkjanm/CVE-2020-1472: PoC for Zerologon - all research credits go to Tom Tervoort of SecuraGitHub

GitHub - SecuraBV/CVE-2020-1472: Test tool for CVE-2020-1472GitHub

PrintNightmare (CVE-2021-1675)

GitHub - cube0x0/CVE-2021-1675: C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527GitHub

GitHub - calebstewart/CVE-2021-1675: Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)GitHub

Make a malicious dll

share the directory

Exploitation