'Zerologon' Windows domain admin bypass exploit released
'Zerologon' Windows domain admin bypass exploit released
The Zerologon flaw allows an attacker with a foothold on an internal Windows network to simply send a number of Netlogon messages, filling various fields with zeroes, and changing the Active Directory stored password of a Domain Controller.
Secura has also published a Python script on Github to test if a Domain Controller is vulnerable.
Biting the hand that feeds IT
