Zerologon Vulnerability in Netlogon Protocol

In course

Id elit ipsum cillum pariatur et ipsum amet velit Lorem dolore proident dolore. Aliqua laborum commodo sint reprehenderit culpa adipisicing ut minim ex consequat sunt laborum occaecat est. Quis ex dolor exercitation labore commodo labore occaecat cupidatat nostrud. Exercitation fugiat ex deserunt nulla id id commodo ea officia adipisicing elit cillum ipsum. Eu qui commodo exercitation voluptate cillum officia tempor tempor cillum. Reprehenderit aute est incididunt proident aliquip.

Description

This lecture covers the Zerologon vulnerability in the Microsoft Netlogon Protocol, allowing attackers to authenticate as arbitrary users or devices without their password. It explains the Netlogon Protocol, session key establishment, flags in NetrServerAuthenticate, and exploiting the vulnerability to send requests. The lecture also delves into changing Active Directory passwords, exploiting the vulnerability to gain domain admin access, and the implications of NTLM hashes. It discusses previous Netlogon vulnerabilities, patches released by Microsoft, and the timeline of events related to Zerologon. References to related whitepapers and scripts are provided, along with insights on the severity of the vulnerability.

Instructor

eiusmod tempor

Anim ex ut excepteur aliqua exercitation ea deserunt tempor dolore ut duis labore incididunt. Amet duis do dolor ipsum. Elit ipsum nulla aute sunt ex. Occaecat dolor consectetur esse adipisicing et culpa id id sit ea proident nulla ullamco.

Official source

https://mediaspace.epfl.ch/media/0_v8v613go

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Ontological neighbourhood

Computer engineering

Computer security: Public-key cryptography

Related lectures (37)