CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-30 00:49:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc6e2cf7158eeb24cfecb4d64f4f1da9a8a732e2
CVEs-PoC/2020/CVE-2020-1472.md
T
marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00

383 lines
20 KiB
Markdown
Raw Blame History

### [CVE-2020-1472](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202008%20R2%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012%20R2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%20version%202004&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%20version%2020H2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=10.0.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.1.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.2.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.3.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20Privilege&color=brighgreen)
### Description
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
### POC
#### Reference
- http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html
- http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html
- https://usn.ubuntu.com/4559-1/
- https://www.kb.cert.org/vuls/id/490028
- https://www.oracle.com/security-alerts/cpuApr2021.html
#### Github
- https://github.com/0x727/usefull-elevation-of-privilege
- https://github.com/0x783kb/Security-operation-book
- https://github.com/0xHunterr/OSCP-Study-Notes
- https://github.com/0xHunterr/OSCP-Studying-Notes
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xT11/CVE-POC
- https://github.com/0xZipp0/BIBLE
- https://github.com/0xZipp0/OSCP
- https://github.com/0xcccc666/cve-2020-1472_Tool-collection
- https://github.com/0xkami/CVE-2020-1472
- https://github.com/0xsyr0/OSCP
- https://github.com/1135/1135-CobaltStrike-ToolKit
- https://github.com/20142995/sectool
- https://github.com/30579096/CVE-2020-1473
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/3tternp/zerologon
- https://github.com/422926799/CVE-2020-1472
- https://github.com/61106960/adPEAS
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Aetsu/OffensivePipeline
- https://github.com/Ajatars/One_key_control_domain
- https://github.com/Akash7350/CVE-2020-1472
- https://github.com/Anonimo501/zerologon
- https://github.com/Anonimo501/zerologon-restore
- https://github.com/Anonymous-Family/CVE-2020-1472
- https://github.com/Anonymous-Family/Zero-day-scanning
- https://github.com/Ascotbe/Kernelhub
- https://github.com/Ashadowkhan/PENTESTINGBIBLE
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/Austin-Src/CVE-Checker
- https://github.com/Awrrays/Pentest-Tips
- https://github.com/B-nD/report
- https://github.com/BC-SECURITY/Invoke-ZeroLogon
- https://github.com/CPO-EH/CVE-2020-1472_ZeroLogonChecker
- https://github.com/CPO-EH/SharpZeroLogon
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CanciuCostin/CVE-2020-1472
- https://github.com/CasperGN/ActiveDirectoryEnumeration
- https://github.com/ChristosSmiliotopoulos/Lateral-Movement-Dataset--LMD_Collections
- https://github.com/DNTYO/F5_Vulnerability
- https://github.com/Dr4ks/PJPT_CheatSheet
- https://github.com/EASI-Sec/EasiWeapons.sh
- https://github.com/ElonMusk2002/Cyber-ed-solutions
- https://github.com/ErdemOzgen/ActiveDirectoryAttacks
- https://github.com/EvilAnne/2020-Read-article
- https://github.com/Fa1c0n35/CVE-2020-1472
- https://github.com/Fa1c0n35/CVE-2020-1472-02-
- https://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472
- https://github.com/Fa1c0n35/Zerologon_SACN
- https://github.com/Flangvik/ObfuscatedSharpCollection
- https://github.com/Flangvik/SharpCollection
- https://github.com/G0urmetD/PJPT-Notes
- https://github.com/G0urmetD/Zerologon-CVE-2020-1472
- https://github.com/GhostTroops/TOP
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/HackingCost/AD_Pentest
- https://github.com/ImranTheThirdEye/AM0N-Eye
- https://github.com/JERRY123S/all-poc
- https://github.com/JayP232/The_big_Zero
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/JohnnyZhouX/Intranet-Hacking
- https://github.com/JolynNgSC/Zerologon_CVE-2020-1472
- https://github.com/K1ngDamien/epss-super-sorter
- https://github.com/Kecatoca/Zerologon_Poc
- https://github.com/Kecatoca/Zerologon_test
- https://github.com/Ken-Abruzzi/cve-2020-1472
- https://github.com/KyleEvers/SharpCollection
- https://github.com/LostZX/DomainControllerLearn
- https://github.com/LuemmelSec/Pentest-Tools-Collection
- https://github.com/Ly0nt4r/OSCP
- https://github.com/Mathankumar2701/ALL-PENTESTING-BIBLE
- https://github.com/Maxvol20/SharpCollection
- https://github.com/McKinnonIT/zabbix-template-CVE-2020-1472
- https://github.com/MedoX71T/PENTESTING-BIBLE
- https://github.com/Micle5858/PENTESTING-BIBLE
- https://github.com/Mikasazero/Cobalt-Strike
- https://github.com/MizaruIT/PENTAD-TOOLKIT
- https://github.com/MizaruIT/PENTADAY_TOOLKIT
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NAXG/CVE-2020-1472
- https://github.com/Nekoox/zerologon
- https://github.com/NetW0rK1le3r/PENTESTING-BIBLE
- https://github.com/NickSanzotta/zeroscan
- https://github.com/OCEANOFANYTHING/PENTESTING-BIBLE
- https://github.com/Ondrik8/extra
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Privia-Security/ADZero
- https://github.com/Qazeer/OffensivePythonPipeline
- https://github.com/R0B1NL1N/CVE-2020-1472
- https://github.com/RP01XXX/internalpentesting
- https://github.com/Rayyan-appsec/ALL-PENTESTING-BIBLE
- https://github.com/ReAbout/web-sec
- https://github.com/RicYaben/CVE-2020-1472-LAB
- https://github.com/RinkuDas7857/Vuln
- https://github.com/Rvn0xsy/ZeroLogon
- https://github.com/RyanNgCT/EH-Assignment
- https://github.com/S3N4T0R-0X0/AM0N-Eye
- https://github.com/S3cur3Th1sSh1t/WinPwn
- https://github.com/SaharAttackit/CVE-2020-1472
- https://github.com/Saidul-M-Khan/PENTESTING-BIBLE
- https://github.com/SecuraBV/CVE-2020-1472
- https://github.com/SexurityAnalyst/WinPwn
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Shiva108/ADBasher
- https://github.com/Singhsanjeev617/A-Red-Teamer-diaries
- https://github.com/SirElmard/ethical_hacking
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/Spacial/awesome-csirt
- https://github.com/Spacial/awesome-systools
- https://github.com/StarfireLab/AutoZerologon
- https://github.com/TG-Coder101/Lumberjack
- https://github.com/TabogaBr/h2_goat
- https://github.com/Tengrom/Python_nmap
- https://github.com/Th3k33n/AM0N-Eye
- https://github.com/The-Z-Labs/cli4bofs
- https://github.com/TheJoyOfHacking/SecuraBV-CVE-2020-1472
- https://github.com/TheJoyOfHacking/dirkjanm-CVE-2020-1472
- https://github.com/TheLastochka/pentest
- https://github.com/Thomashighbaugh/starred-repositories
- https://github.com/Thomashighbaugh/stars
- https://github.com/Threekiii/Awesome-Redteam
- https://github.com/Tobey123/CVE-2020-1472-visualizer
- https://github.com/Udyz/Zerologon
- https://github.com/VK9D/ZeroLogon
- https://github.com/VK9D/ZeroLogon-FullChain
- https://github.com/VoidSec/CVE-2020-1472
- https://github.com/Whippet0/CVE-2020-1472
- https://github.com/Whiteh4tWolf/Attack-Defense
- https://github.com/WiIs0n/Zerologon_CVE-2020-1472
- https://github.com/WillOram/ADReset
- https://github.com/XTeam-Wing/Hunting-Active-Directory
- https://github.com/XiaoliChan/zerologon-Shot
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/YangSirrr/YangsirStudyPlan
- https://github.com/YossiSassi/ZeroLogon-Exploitation-Check
- https://github.com/YossiSassi/hAcKtive-Directory-Forensics
- https://github.com/Zamanry/OSCP_Cheatsheet
- https://github.com/Zeyad-Azima/Remedy4me
- https://github.com/ZyberPatrol/Active-Directory
- https://github.com/aRustyDev/C844
- https://github.com/aasphixie/aasphixie.github.io
- https://github.com/ajayox/ZeroLogon-Exploitation-Check
- https://github.com/alexverboon/MDATP
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/altima/awesome-stars
- https://github.com/angui0O/Awesome-Redteam
- https://github.com/aymankhder/AD-attack-defense
- https://github.com/aymankhder/Windows-Penetration-Testing
- https://github.com/b1ack0wl/CVE-2020-1472
- https://github.com/b4rtik/SharpKatz
- https://github.com/badboycxcc/AM0N-Eye-1
- https://github.com/bb00/zer0dump
- https://github.com/bhassani/Recent-CVE
- https://github.com/bhataasim1/AD-Attack-Defence
- https://github.com/bhdresh/SnortRules
- https://github.com/bjknbrrr/PENTESTING-BIBLE
- https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
- https://github.com/blackend/Diario-RedTem
- https://github.com/boh/RedCsharp
- https://github.com/bollwarm/SecToolSet
- https://github.com/botfather0x0/ZeroLogon-to-Shell
- https://github.com/brimstone/stars
- https://github.com/c0mrade12211/Pentests
- https://github.com/carlos55ml/zerologon
- https://github.com/cetriext/fireeye_cves
- https://github.com/cihatyildiz/Kenna-Automation
- https://github.com/corelight/zerologon
- https://github.com/csb21jb/Pentesting-Notes
- https://github.com/cube0x0/CVE-2020-1472
- https://github.com/cwannett/Docs-resources
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/dinimus/dvs
- https://github.com/dirkjanm/CVE-2020-1472
- https://github.com/diyarit/Ad-Peas
- https://github.com/djrod/pentestdrod
- https://github.com/dli408097/pentesting-bible
- https://github.com/dqcostin/SharpGetinfo
- https://github.com/dr4g0n23/CVE-2020-1472
- https://github.com/drawdenohj/Zerologon_Vulnerability_Checker
- https://github.com/drmtra/drmtra
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emtee40/win-pwn
- https://github.com/fadinglr/SharpCollection-1
- https://github.com/goark/go-cvss
- https://github.com/grandDancer/CVE-2017-5124-RCE-0-Day
- https://github.com/grupooruss/CVE-2020-1472
- https://github.com/guglia001/MassZeroLogon
- https://github.com/guzzisec/PENTESTING-BIBLE
- https://github.com/hack-parthsharma/WinPwn
- https://github.com/hacker-insider/Hacking
- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-
- https://github.com/hangchuanin/Intranet_penetration_history
- https://github.com/harshil-shah004/zerologon-CVE-2020-1472
- https://github.com/hectorgie/CVE-2020-1472
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hegusung/netscan
- https://github.com/hell-moon/ZeroLogon-Exploit
- https://github.com/heytherevibin/Lumberjack
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/hunter32me/2020-1472
- https://github.com/huyqa/zero-logon
- https://github.com/hwiwonl/dayone
- https://github.com/iamrajivd/pentest
- https://github.com/iamramahibrah/AD-Attacks-and-Defend
- https://github.com/ihebski/A-Red-Teamer-diaries
- https://github.com/ijatrom/searchcve
- https://github.com/infosecn1nja/AD-Attack-Defense
- https://github.com/ipcis/OSCP
- https://github.com/itssmikefm/CVE-2020-1472
- https://github.com/izj007/wechat
- https://github.com/jbmihoub/all-poc
- https://github.com/jenriquezv/OSCP-Cheat-Sheets-AD
- https://github.com/jiushill/CVE-2020-1472
- https://github.com/johnpathe/zerologon-cve-2020-1472-notes
- https://github.com/just0rg/Security-Interview
- https://github.com/k0imet/CVE-POCs
- https://github.com/k8gege/CVE-2020-1472-EXP
- https://github.com/k8gege/Ladon
- https://github.com/kdandy/WinPwn
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
- https://github.com/lawrenceamer/0xsp-Mongoose
- https://github.com/leitosama/SharpZeroLogon
- https://github.com/libmifan/AM0N-Eye
- https://github.com/likeww/MassZeroLogon
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/logg-1/0logon
- https://github.com/lyshark/Windows-exploits
- https://github.com/m1ddl3w4r3/SharpCollection
- https://github.com/maikelnight/zerologon
- https://github.com/merlinepedra25/AM0N-Eye
- https://github.com/midpipps/CVE-2020-1472-Easy
- https://github.com/mingchen-script/CVE-2020-1472-visualizer
- https://github.com/mishmashclone/Flangvik-SharpCollection
- https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense
- https://github.com/missaelcorm-iteso/CTF-ITESO-O2022
- https://github.com/missaelcorm/CTF-ITESO-O2022
- https://github.com/momika233/AM0N-Eye
- https://github.com/mos165/CVE-20200-1472
- https://github.com/mstxq17/cve-2020-1472
- https://github.com/murataydemir/CVE-2020-1472
- https://github.com/mvlnetdev/zeek_detection_script_collection
- https://github.com/mxdelta/Up_Privel_windows
- https://github.com/n3rada/zero-effort
- https://github.com/nadeemali79/AD-Attack-Defense
- https://github.com/netkid123/WinPwn-1
- https://github.com/nitishbadole/PENTESTING-BIBLE
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/npocmak/CVE-2020-1472
- https://github.com/ommadawn46/CFB8-Zero-IV-Attack
- https://github.com/orgTestCodacy11KRepos110MB/repo-3423-Pentest_Note
- https://github.com/oscpname/OSCP_cheat
- https://github.com/paramint/AD-Attack-Defense
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/phant0n/PENTESTING-BIBLE
- https://github.com/pj-797/soc_checker.sh
- https://github.com/polarbeargo/Security-Engineer-Nanodegree-Program-Adversarial-Resilience-Assessing-Infrastructure-Security
- https://github.com/preempt/ntlm-scanner
- https://github.com/puckiestyle/A-Red-Teamer-diaries
- https://github.com/puckiestyle/CVE-2020-1472
- https://github.com/pwninx/WinPwn
- https://github.com/pwnlog/PAD
- https://github.com/pwnlog/PuroAD
- https://github.com/pwnlog/PurpAD
- https://github.com/r00t7oo2jm/AMON-Eye
- https://github.com/r0eXpeR/supplier
- https://github.com/readloud/Pentesting-Bible
- https://github.com/reph0r/poc-exp
- https://github.com/reph0r/poc-exp-tools
- https://github.com/retr0-13/AD-Attack-Defense
- https://github.com/retr0-13/WinPwn
- https://github.com/revanmalang/OSCP
- https://github.com/rfrost777/tools
- https://github.com/rhymeswithmogul/Set-ZerologonMitigation
- https://github.com/risksense/zerologon
- https://github.com/rtandr01d/zerologon
- https://github.com/rth0pper/zerologon
- https://github.com/s31frc3/Pentesting-Course-Notes
- https://github.com/sabrinalupsan/pentesting-active-directory
- https://github.com/safe6Sec/command
- https://github.com/scv-m/zabbix-template-CVE-2020-1472
- https://github.com/seeu-inspace/easyg
- https://github.com/select-ldl/word_select
- https://github.com/shanfenglan/cve-2020-1472
- https://github.com/sho-luv/zerologon
- https://github.com/sinfulz/JustGetDA
- https://github.com/snovvcrash/WeaponizeKali.sh
- https://github.com/soosmile/POC
- https://github.com/spiegel-im-spiegel/go-cvss
- https://github.com/sponkmonk/Ladon_english_update
- https://github.com/stanfrbd/searchcve
- https://github.com/striveben/CVE-2020-1472
- https://github.com/sunzu94/AD-Attack-Defense
- https://github.com/suzi007/RedTeam_Note
- https://github.com/sv3nbeast/CVE-2020-1472
- https://github.com/svbjdbk123/ReadTeam
- https://github.com/t31m0/CVE-2020-1472
- https://github.com/t31m0/Zero
- https://github.com/tanjiti/sec_profile
- https://github.com/tera-si/CTF-Note-Template-Generator
- https://github.com/thatonesecguy/zerologon-CVE-2020-1472
- https://github.com/todo1024/2041
- https://github.com/todo1024/2102
- https://github.com/todo1024/2279
- https://github.com/tonypurdy/Vulnerabilities
- https://github.com/triw0lf/Security-Matters-22
- https://github.com/tufanturhan/Red-Teamer-Diaries
- https://github.com/txuswashere/OSCP
- https://github.com/txuswashere/Pentesting-Windows
- https://github.com/val0ur/CVE
- https://github.com/vecnathewhisperd/ZeroLogin
- https://github.com/victim10wq3/CVE-2020-1472
- https://github.com/voker2311/Infra-Security-101
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whitfieldsdad/epss
- https://github.com/whoami-chmod777/ZeroLogon-Testing-Script
- https://github.com/whoami-chmod777/Zerologon-Attack-CVE-2020-1472-POC
- https://github.com/whoami13apt/files2
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wowter-code/SharpCollection
- https://github.com/wrathfulDiety/zerologon
- https://github.com/xbl2022/awesome-hacking-lists
- https://github.com/xhref/OSCP
- https://github.com/xiaoy-sec/Pentest_Note
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yerdaulete/PJPT-CheatSheet
- https://github.com/yevh/VulnPlanet
- https://github.com/yovelo98/OSCP-Cheatsheet
- https://github.com/yusufazizmustofa/BIBLE
- https://github.com/zareefrj/ZeroLogon
- https://github.com/zer010bs/zeroscan
- https://github.com/zeronetworks/zerologon
- https://github.com/zha0/CVE-2020-1474
- https://github.com/zha0/WeaponizeKali.sh
- https://github.com/zizzs3228/PENTEST
Reference in New Issue View Git Blame Copy Permalink