关联漏洞
标题:Microsoft Windows Active Directory 输入验证错误漏洞 (CVE-2021-42278)Description:Microsoft Windows Active Directory是美国微软(Microsoft)公司的一个负责架构中大型网络环境的集中式目录管理服务。存储有关网络上对象的信息,并使管理员和用户可以轻松查找和使用这些信息。 Microsoft Windows Active Directory存在输入验证错误漏洞。以下产品和版本受到影响:Windows Server 2012 R2 (Server Core installation),Windows Server 2019,Windows Server
Description
Detection script for CVE-2021-42278 and CVE-2021-42287
介绍
## About
Detection script for CVE-2021-42278 and CVE-2021-42287
## Usage
```
The detection script uses the domain account credentials to determine the possibility of the vulnerabilities.
usage: noPac-detection.py [-h] [-debug] -dc-ip <IP address> -targetUser <Target Username> credentials
optional arguments:
-h, --help show this help message and exit
-debug Turn DEBUG output ON
mandatory:
-dc-ip <IP address> IP of the domain controller to use. Useful if you can't translate the FQDN.specified in the
account parameter will be used
-targetUser <Target Username>
The target user to retrieve the PAC of
credentials domain/username[:password]. Valid domain credentials to use for grabbing targetUser's PAC
```
>Note: All mandatory values are necessary for the script to function, supportes debug mode,the TargetUser can be any domain connected user account, always set domain as domain.local For Ex: megacorp.local, cars.local etc.,
***
### Examples:
+ `$ python noPac-detection.py MARVEL.local/pparker:P#%DG323c89 -targetUser fcastle -dc-ip 192.168.10.13`
***
文件快照
[4.0K] /data/pocs/6ca63b5f4022ed8de769fc5217a02064a5a487d3
├── [5.7K] noPac-detection.py
├── [1.2K] README.md
├── [ 26] Requirements.txt
└── [4.0K] resources
└── [ 31K] image.png
1 directory, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。