
CVE-2015-0006 PoC — Microsoft NLA Security Feature Bypass Vulnerability

Source
Associated Vulnerability
Title: Microsoft NLA Security Feature Bypass Vulnerability (CVE-2015-0006)
Description: Microsoft Windows is a family of operating systems released by Microsoft Corporation of the United States. Network Location Awareness (NLA) is its network location awareness service. The Microsoft NLA service may inadvertently relax firewall policy and/or the configuration of certain services, and the security feature bypass vulnerability lies in this service. This can increase the attack surface exposed to an attacker. The vulnerability occurs when the NLA service fails to properly validate whether a domain-joined computer is connected to the domain or to an untrusted network. The following products and versions are affected: Microsoft Windows Server 2003
Description
Proof of concept for CVE-2015-0006. Fixed in MS15-005: https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-005
Readme
# IMPOSTER

A pentest tool used to attack Windows clients on rogue networks.

## Current version

### Features

* Downgrade LDAP to NTLM authentication
* Fake the initial steps of a domain controller to fool Network Location Awareness

### Servers
DNS, CLDAP, LDAP

## Setup

The current version has been tested on Kali Linux but should work on other operating systems as well.

### Dependencies

* pyasn1
* dnspython

### Quick setup on Kali Linux
Use the following steps to set up imposter on a Kali Linux machine.
```bash
# Fetch imposter and enter its source directory
git clone https://github.com/bugch3ck/imposter.git
cd imposter/src
# dnspython is vendored by cloning it and symlinking its `dns` package
# into src so that `import dns` resolves without a system install
git clone https://github.com/rthalley/dnspython.git
ln -s dnspython/dns dns
# pyasn1 comes from the distribution package (Debian/Kali name: python-pyasn1)
apt-get install python-pyasn1
```

## Changelog

### Version 0.1
Private release 2014-06-05. Implements DNS, CLDAP and LDAP. Can downgrade LDAP bind to use NTLM and fake a successful authentication to trick Network Location Awareness into setting the domain policy.
File Snapshot

```
[4.0K] /data/pocs/0f186a79892b480577370224b46c6d695a2565ab
├── [ 906] README.md
└── [4.0K] src
    ├── [1.8K] imposter.py
    ├── [1.5K] mscldap_server.py
    ├── [2.4K] mscldap_utils.py
    ├── [2.1K] msdns_server.py
    ├── [3.1K] msldap_server.py
    ├── [2.5K] msldap_utils.py
    ├── [4.0K] ntlm.py
    ├── [4.0K] proto
    │   ├── [ 56] cldap.py
    │   ├── [ 0] __init__.py
    │   ├── [ 23] ldap.py
    │   ├── [ 658] rfc1798.py
    │   └── [ 22K] rfc2251.py
    └── [ 112] servers.py

2 directories, 14 files
```