zareefrj/ZeroLogon

ZeroLogon (CVE-2020-1472) Exploitation Lab

Description

The purpose of this project is to demonstrate ZeroLogon, also known as the CVE-2020-1472 vulnerability, in a controlled lab environment. This vulnerability poses a significant threat to Microsoft Windows domain controllers, potentially leading to unauthorized access and compromise of an entire network.

Environments Used

  • Windows Server 2019 (Unpatched)
  • Kali Linux (Impacket & Zerologon Script)

Lab walk-through:

Set Up Domain Controller:

The host name is “HYDRA-DC”, with an IP address of 10.0.2.7. The domain “MARVEL.local” was configured with users. A device running Windows 10 Enterprise, called “Spiderman”, is joined to the “MARVEL” domain. The active users within the domain include Peter Parker, Miles Morales, the Administrator and SQL Service; the latter two are both in the administrators group.

Installing Impacket & Run ZeroLogon Scripts:



Dump Hashes:

Login to domain controller using Admin hash:
