Hacking Into a Domain Controller (Windows Server 2016) – ZeroLogon

Hacking Into a Domain Controller (Windows Server 2016):

– Target IP : 192.168.91.139 (Windows Server 2016)
– Attacker’s IP : 192.168.91.134 (Kali Linux)

#Attack_Steps:

1. Identify the target IP address
2. Identify open ports and obtain associated information from the target
3. Identify whether the target is vulnerable to the Zerologon vulnerability (CVE-2020-1472)
4. Reset the domain machine password to an empty string
5. Perform a DCSync attack against the target to extract password hashes
6. Gain access to the target using the Pass-the-Hash technique

As demonstrated, the domain controller (Windows Server 2016) is vulnerable to the Zerologon vulnerability (CVE-2020-1472), which could allow a remote attacker to gain control over the domain controller without user interaction.

#Mitigation:
Check the actions Microsoft recommends for this vulnerability.
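
One way to run that check on a domain controller, as an added example that is not from the original post or from Microsoft: it reads the `FullSecureChannelProtection` enforcement value and summarises the Netlogon events 5827 to 5831 that Microsoft's CVE-2020-1472 updates write to the System log for vulnerable secure-channel connections. The function names and the 30-day window are assumptions of this example.

```powershell
# Added example (not from the original page). Run elevated on each domain controller.
$netlogonKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'

# Netlogon events Microsoft added to the System log with the CVE-2020-1472 updates.
$channelEvents = @{
    5827 = 'Denied: vulnerable connection from a machine account'
    5828 = 'Denied: vulnerable connection from a trust account'
    5829 = 'Allowed: vulnerable connection, DC was not enforcing'
    5830 = 'Allowed by Group Policy exemption: machine account'
    5831 = 'Allowed by Group Policy exemption: trust account'
}

function Get-NetlogonEnforcement {
    # 1 = enforcement mode; 0 or absent = not forced by this registry value.
    $p = Get-ItemProperty -Path $netlogonKey -Name FullSecureChannelProtection -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 'NotSet' }
    if ($p.FullSecureChannelProtection -eq 1) { return 'Enforced' }
    return 'NotEnforced'
}

function Get-VulnerableChannelEvents {
    param([int]$Days = 30)
    $filter = @{
        LogName   = 'System'
        Id        = [int[]]@($channelEvents.Keys)
        StartTime = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent raises an error when nothing matches, so suppress it and return nothing.
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id,
            @{ n = 'Meaning'; e = { $channelEvents[[int]$_.Id] } },
            @{ n = 'Detail';  e = { ($_.Message -split "`r?`n")[0] } }
}

$mode   = Get-NetlogonEnforcement
$events = @(Get-VulnerableChannelEvents -Days 30)
"FullSecureChannelProtection: $mode"
"Vulnerable-channel events in the last 30 days: $($events.Count)"
$events | Group-Object Id | Sort-Object Name |
    ForEach-Object { '{0}  x{1}  {2}' -f $_.Name, $_.Count, $channelEvents[[int]$_.Name] }
# 5829-5831 entries name devices that still connect without secure RPC; review each one.
$events | Where-Object Id -in 5829, 5830, 5831 | Format-Table TimeCreated, Id, Detail -Wrap
```

A `NotSet` result is expected on a domain controller that has Microsoft's later enforcement-phase update, where enforcement no longer depends on this value, so confirm the installed patch level separately.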

#Disclaimer:
For demonstration and educational purposes only. The demonstration has been conducted within a controlled lab (#THECyb0rg Lab) environment. — #TheCyb0rg

Alice AUSTIN