支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2020-1472 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Netlogon Elevation of Privilege Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Windows Netlogon 安全特征问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Windows Netlogon是美国微软(Microsoft)公司的Windows的一个重要组件,主要功能是用户和机器在域内网络上的认证,以及复制数据库以进行域控备份,同时还用于维护域成员与域之间、域与域控之间、域DC与跨域DC之间的关系。 Microsoft Windows Netlogon 存在安全漏洞。攻击者可以使用 Netlogon 远程协议 (MS-NRPC) 建立与域控制器的易受攻击的 Netlogon 安全通道连接并进行特权提升。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
MicrosoftWindows Server version 2004 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2004:*:*:*:*:*:*:*:*
MicrosoftWindows Server 2019 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
MicrosoftWindows Server 2019 (Server Core installation) 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
MicrosoftWindows Server, version 1909 (Server Core installation) 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_1909:*:*:*:*:*:*:*:*
MicrosoftWindows Server, version 1903 (Server Core installation) 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_1903:*:*:*:*:*:*:*:*
MicrosoftWindows Server 2016 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
MicrosoftWindows Server 2016 (Server Core installation) 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
MicrosoftWindows Server 2008 R2 Service Pack 1 6.1.0 ~ publication cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 R2 Service Pack 1 (Server Core installation) 6.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_2008_R2:*:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 6.2.0 ~ publication cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 (Server Core installation) 6.2.0 ~ publication cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 6.3.0 ~ publication cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 (Server Core installation) 6.3.0 ~ publication cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
MicrosoftWindows Server version 20H2 10.0.0 ~ publication cpe:2.3:o:microsoft:windows_server_20H2:*:*:*:*:*:*:*:*
二、漏洞 CVE-2020-1472 的公开POC
#POC 描述源链接神龙链接
1Nonehttps://github.com/Tobey123/CVE-2020-1472-visualizerPOC详情
2Test tool for CVE-2020-1472https://github.com/SecuraBV/CVE-2020-1472POC详情
3Nonehttps://github.com/cube0x0/CVE-2020-1472POC详情
4PoC for Zerologon - all research credits go to Tom Tervoort of Securahttps://github.com/dirkjanm/CVE-2020-1472POC详情
5Exploit Code for CVE-2020-1472 aka Zerologonhttps://github.com/VoidSec/CVE-2020-1472POC详情
6Exploit for zerologon cve-2020-1472https://github.com/risksense/zerologonPOC详情
7Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.https://github.com/bb00/zer0dumpPOC详情
8CVE-2020-1472漏洞复现过程https://github.com/0xkami/CVE-2020-1472POC详情
9CVE-2020-1472复现流程https://github.com/NAXG/CVE-2020-1472POC详情
10Nonehttps://github.com/R0B1NL1N/CVE-2020-1472POC详情
11PoC for Zerologon (CVE-2020-1472) - Exploithttps://github.com/thatonesecguy/zerologon-CVE-2020-1472POC详情
12Ladon Moudle CVE-2020-1472 Exploit 域控提权神器https://github.com/k8gege/CVE-2020-1472-EXPPOC详情
13CVE-2020-1472https://github.com/jiushill/CVE-2020-1472POC详情
14Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829. See: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472https://github.com/scv-m/zabbix-template-CVE-2020-1472POC详情
15cve-2020-1472 复现利用及其exphttps://github.com/mstxq17/cve-2020-1472POC详情
16Nonehttps://github.com/Fa1c0n35/CVE-2020-1472POC详情
17Nonehttps://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472POC详情
18CVE-2020-1472 - Zero Logon vulnerability Python implementationhttps://github.com/CanciuCostin/CVE-2020-1472POC详情
19cve-2020-1472_Tool collectionhttps://github.com/0xcccc666/cve-2020-1472_Tool-collectionPOC详情
20[CVE-2020-1472] Netlogon Remote Protocol Call (MS-NRPC) Privilege Escalation (Zerologon)https://github.com/murataydemir/CVE-2020-1472POC详情
21https://github.com/dirkjanm/CVE-2020-1472https://github.com/npocmak/CVE-2020-1472POC详情
22Nonehttps://github.com/victim10wq3/CVE-2020-1472POC详情
23Test script for CVE-2020-1472 for both RPC/TCP and RPC/SMBhttps://github.com/zeronetworks/zerologonPOC详情
24 CVE-2020-1472复现时使用的py文件整理打包https://github.com/sv3nbeast/CVE-2020-1472POC详情
25A simple implementation/code smash of a bunch of other reposhttps://github.com/midpipps/CVE-2020-1472-EasyPOC详情
26Nonehttps://github.com/hectorgie/CVE-2020-1472POC详情
27Nonehttps://github.com/johnpathe/zerologon-cve-2020-1472-notesPOC详情
28Nonehttps://github.com/t31m0/CVE-2020-1472POC详情
29CVE 2020-1472 Script de validación https://github.com/grupooruss/CVE-2020-1472POC详情
30Nonehttps://github.com/striveben/CVE-2020-1472POC详情
31Nonehttps://github.com/Fa1c0n35/CVE-2020-1472-02-POC详情
32CVE-2020-1472https://github.com/Whippet0/CVE-2020-1472POC详情
33POC for checking multiple hosts for Zerologon vulnerabilityhttps://github.com/WiIs0n/Zerologon_CVE-2020-1472POC详情
34Zerologon AutoExploit Tool | CVE-2020-1472https://github.com/Privia-Security/ADZeroPOC详情
35Nonehttps://github.com/Ken-Abruzzi/cve-2020-1472POC详情
36Protect your domain controllers against Zerologon (CVE-2020-1472).https://github.com/rhymeswithmogul/Set-ZerologonMitigationPOC详情
37Nonehttps://github.com/shanfenglan/cve-2020-1472POC详情
38Check for events that indicate non compatible devices -> CVE-2020-1472https://github.com/maikelnight/zerologonPOC详情
39C# Vulnerability Checker for CVE-2020-1472 Aka Zerologonhttps://github.com/CPO-EH/CVE-2020-1472_ZeroLogonCheckerPOC详情
40Nonehttps://github.com/puckiestyle/CVE-2020-1472POC详情
41Nonehttps://github.com/mingchen-script/CVE-2020-1472-visualizerPOC详情
42The following is the outcome of playing with CVE-2020-1472 and attempting to automate the process of gaining a shell on the DChttps://github.com/JayP232/The_big_ZeroPOC详情
43Nonehttps://github.com/b1ack0wl/CVE-2020-1472POC详情
44Nonehttps://github.com/SaharAttackit/CVE-2020-1472POC详情
45zerologon script to exploit CVE-2020-1472 CVSS 10/10https://github.com/wrathfulDiety/zerologonPOC详情
46quick'n'dirty automated checks for potential exploitation of CVE-2020-1472 (aka ZeroLogon), using leading artifects in determining an actual exploitation of CVE-2020-1472. requires admin access to the DCshttps://github.com/YossiSassi/ZeroLogon-Exploitation-CheckPOC详情
47Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool will check, exploit and restore password to original statehttps://github.com/sho-luv/zerologonPOC详情
48Modified the test PoC from Secura, CVE-2020-1472, to change the machine password to nullhttps://github.com/hell-moon/ZeroLogon-ExploitPOC详情
49Exploit Code for CVE-2020-1472 aka Zerologonhttps://github.com/Udyz/ZerologonPOC详情
50Nonehttps://github.com/itssmikefm/CVE-2020-1472POC详情
51Zeroscan is a Domain Controller vulnerability scanner, that currently includes checks for Zerologon (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing.https://github.com/NickSanzotta/zeroscanPOC详情
52Nonehttps://github.com/TheJoyOfHacking/SecuraBV-CVE-2020-1472POC详情
53Nonehttps://github.com/TheJoyOfHacking/dirkjanm-CVE-2020-1472POC详情
54Zero-day-scanning is a Domain Controller vulnerability scanner, that currently includes checks for Zero-day-scanning (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing.https://github.com/Anonymous-Family/Zero-day-scanningPOC详情
55Test tool for CVE-2020-1472https://github.com/Anonymous-Family/CVE-2020-1472POC详情
56Set of scripts, to test and exploit the zerologon vulnerability (CVE-2020-1472). https://github.com/carlos55ml/zerologonPOC详情
57CVE-2020-1472 C++https://github.com/Rvn0xsy/ZeroLogonPOC详情
58Tool for mass testing ZeroLogon vulnerability CVE-2020-1472https://github.com/guglia001/MassZeroLogonPOC详情
59Tool for mass testing ZeroLogon vulnerability CVE-2020-1472https://github.com/likeww/MassZeroLogonPOC详情
60Nonehttps://github.com/dr4g0n23/CVE-2020-1472POC详情
61Lab introduction to ZeroLogonhttps://github.com/RicYaben/CVE-2020-1472-LABPOC详情
62Nonehttps://github.com/Akash7350/CVE-2020-1472POC详情
63Zerologon exploit for CVE-2020-1472https://github.com/G0urmetD/Zerologon-CVE-2020-1472POC详情
64This is a combination of the zerologon_tester.py code (https://raw.githubusercontent.com/SecuraBV/CVE-2020-1472/master/zerologon_tester.py) and the tool evil-winrm to get a shell.https://github.com/botfather0x0/ZeroLogon-to-ShellPOC详情
65MS-NRPC (Microsoft NetLogon Remote Protocol)/CVE-2020-1472https://github.com/logg-1/0logonPOC详情
66Nonehttps://github.com/whoami-chmod777/Zerologon-Attack-CVE-2020-1472-POCPOC详情
67Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829. See: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472https://github.com/okay-scam/zabbix-template-CVE-2020-1472POC详情
68Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829. See: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472https://github.com/McKinnonIT/zabbix-template-CVE-2020-1472POC详情
69Nonehttps://github.com/JolynNgSC/Zerologon_CVE-2020-1472POC详情
70Zeroscan is a Domain Controller vulnerability scanner, that currently includes checks for Zerologon (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing.https://github.com/B34MR/zeroscanPOC详情
71This is a combination of the zerologon_tester.py code (https://raw.githubusercontent.com/SecuraBV/CVE-2020-1472/master/zerologon_tester.py) and the tool evil-winrm to get a shell.https://github.com/c3rrberu5/ZeroLogon-to-ShellPOC详情
72A script to exploit CVE-2020-1472 (Zerologon)https://github.com/blackh00d/zerologon-pocPOC详情
73This project combines the Zerologon vulnerability exploit (CVE-2020-1472) with Impacket tools for streamlined exploitation and post-exploitation activities. It allows penetration testers to assess and demonstrate the impact of this critical vulnerability in a controlled and authorized environment.https://github.com/TuanCui22/ZerologonWithImpacket-CVE2020-1472POC详情
74Simulation of the Zerologon (CVE-2020-1472) vulnerability attack in Active Directory on Windows Server 2016 and the use of the Trend Micro Deep Security solution to prevent such attacks. https://github.com/PakwanSK/Simulating-and-preventing-Zerologon-CVE-2020-1472-vulnerability-attacks.POC详情
75Nonehttps://github.com/tdevworks/CVE-2020-1472-ZeroLogon-Demo-Detection-MitigationPOC详情
76Explicação e demonstração da vulnerabilidade ZeroLogon (CVE-2020-1472)https://github.com/100HnoMeuNome/ZeroLogon-CVE-2020-1472-labPOC详情
77End-to-end Domain Controller exploitation using Metasploit and Impacket: discovered DC10, exploited Zerologon (CVE-2020-1472), extracted NTLM hashes, gained SYSTEM shell, and established a Meterpreter session. https://github.com/nyambiblaise/Domain-Controller-DC-Exploitation-with-Metasploit-ImpacketPOC详情
78Zerologon (CVE-2020-1472) Proof-of-Concept application - Critical Active Directory vulnerability exploitation tool.https://github.com/mods20hh/ZeroLogon-PoC-DC-PwnPOC详情
79Scripts for a lab environment demonstrating the Zerologon (CVE-2020-1472) vulnerability.https://github.com/commit2main/zerologon-labPOC详情
80Research project exploring the ZeroLogon vulnerability. Includes technical write-up on exploit chains, troubleshooting, and server hardening.https://github.com/JeNilSE/CVE-2020-1472-ZeroLogon-AnalysisPOC详情
81Test tool for CVE-2020-1472https://github.com/bvcyber/CVE-2020-1472POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2020-1472 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2020-1472 的评论

暂无评论

发表评论