NOMISEC-Whippet0/CVE-2020-1472

NOMISEC WORKING POC

Exploit for CVE-2020-1472 - Netlogon Weak Cryptographic Authentication

AI Analysis

This repository contains multiple Python scripts exploiting CVE-2020-1472 (Zerologon), a critical vulnerability in Netlogon Remote Protocol (MS-NRPC). The exploit allows an unauthenticated attacker to impersonate a domain controller and set an empty password, leading to domain compromise.

Attack Type

auth_bypass

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1550.002 - Pass the Hash T1003 - OS Credential Dumping

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 60

https://github.com/Whippet0/CVE-2020-1472

Stars 0

Forks 0

Last Push Nov 17, 2020

Authors

Whippet0 @_dirkjan

Vulnerability

CVE-2020-1472

Netlogon Weak Cryptographic Authentication

MEDIUM KEV

CVSS 5.5