Skip to content
/ zerologon Public
forked from zeronetworks/zerologon

Test script for CVE-2020-1472 for both RPC/TCP and RPC/SMB

License

MIT license
1 star 12 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PKXLIVE/zerologon

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
zerologon.py
zerologon.py
 
 

Repository files navigation

Zerologon test for SMB & RPC

A python script based on SecuraBV script.

Demonstrates that CVE-2020-1472 can be done via RPC/SMB, and not only over RPC/TCP.

Additionaly, there is a random byte in the final client challange & client credential - to test against trivial IDS signatures. The RPC/SMB scan runs by default. Depending on the target server, some may require a valid authenticated user to get permission to the netlogon pipe.

Execution

usage: zerologon_test.py [-h] [-u] [-d] [-p] [-t] [-pp] dc_name dc_ip

Perform zerologon test over RPC/TCP or RPC/SMB

positional arguments:
  dc_name               NetBIOS name of the domain controller
  dc_ip                 ip address of the domain controller

optional arguments:
  -h, --help, /?, /h, /help
                        show this help message and exit
  -u , --user           authenticated domain user,may be required for SMB
  -d , --domain         domain name, required only when authentication over SMB
  -p , --pass           authenticated domain user's password, may be required for SMB
  -t , --type           rpc or smb scan. choices: [smb, rpc], (default: 'smb').
  -pp, --privacy        if exists adds packet privacy

About

Test script for CVE-2020-1472 for both RPC/TCP and RPC/SMB

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%