A vulnerability exists within the Netlogon authentication process where the security properties granted by AES are lost due to an implementation flaw related to the use of a static initialization vector (IV). An attacker can leverage this flaw to target an Active Directory Domain Controller and make repeated authentication attempts using NULL data fields, which will succeed every 1 in 256 tries (~0.4%). This Metasploit module leverages the vulnerability to reset the machine account password to an empty string, which will then allow the attacker to authenticate as the machine account. After exploitation, it's important to restore this password to its original value. Failure to do so can result in service instability.
2e8cb0b33fee94cb76487f48c8612ae293bf93023140f19faf6766dfb2245f0e
Proof of concept exploit for the Windows Zerologon vulnerability as noted in CVE-2020-1472. By default, it changes the password of the domain controller account.
c33a65409db7ea9ced3d7e9d9df80a4e2cef77b787ac47ff949764da970ec602