Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
This lecture covers the Zerologon vulnerability in the Microsoft Netlogon Protocol, allowing attackers to authenticate as arbitrary users or devices without their password. It explains the Netlogon Protocol, session key establishment, flags in NetrServerAuthenticate, and exploiting the vulnerability to send requests. The lecture also delves into changing Active Directory passwords, exploiting the vulnerability to gain domain admin access, and the implications of NTLM hashes. It discusses previous Netlogon vulnerabilities, patches released by Microsoft, and the timeline of events related to Zerologon. References to related whitepapers and scripts are provided, along with insights on the severity of the vulnerability.