PATCHAPALOOZA-jasminalex/CVE-2020-1472

PATCHAPALOOZA WORKING POC
Exploit for CVE-2020-1472 - Netlogon Weak Cryptographic Authentication
AI Analysis

This repository contains a functional exploit for CVE-2020-1472 (ZeroLogon), which allows an attacker to impersonate a domain controller account by exploiting a cryptographic flaw in the Netlogon authentication process. The exploit resets the domain controller's password to an empty string, enabling further attacks like DCSync.

Attack Type
auth_bypass
Complexity
moderate
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1078 - Valid Accounts
Loading exploit code...
Download ZIP Password: eip
Source
Platform Patchapalooza
Type poc
Files 32
Authors
Tom Tervoort (Secura) @_dirkjan jasminalex
Vulnerability
CVE-2020-1472
Netlogon Weak Cryptographic Authentication
MEDIUM KEV
CVSS 5.5