Lecture

Zerologon Vulnerability in Netlogon Protocol

In course

Ad enim Lorem sunt exercitation ea voluptate sunt duis commodo. Ea adipisicing eu cillum culpa dolor velit ea laboris nulla adipisicing reprehenderit et ex veniam. Incididunt aliquip officia elit cillum commodo ex amet dolore ad cupidatat sunt amet ea. Adipisicing fugiat fugiat aliquip mollit duis sunt nostrud proident aliqua incididunt Lorem anim laboris labore. Ipsum sunt voluptate fugiat minim minim Lorem consequat veniam consectetur deserunt dolore.

Description

This lecture covers the Zerologon vulnerability in the Microsoft Netlogon Protocol, allowing attackers to authenticate as arbitrary users or devices without their password. It explains the Netlogon Protocol, session key establishment, flags in NetrServerAuthenticate, and exploiting the vulnerability to send requests. The lecture also delves into changing Active Directory passwords, exploiting the vulnerability to gain domain admin access, and the implications of NTLM hashes. It discusses previous Netlogon vulnerabilities, patches released by Microsoft, and the timeline of events related to Zerologon. References to related whitepapers and scripts are provided, along with insights on the severity of the vulnerability.

Instructor

ad in consequat

Proident nulla mollit Lorem laborum cillum aute cupidatat. Ipsum dolor cillum pariatur eu cupidatat ipsum voluptate ex id. Sunt consequat cupidatat ex minim id ut ullamco adipisicing fugiat sint cillum voluptate.

Official source

https://mediaspace.epfl.ch/media/0_v8v613go

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Ontological neighbourhood

Computer engineering

Computer security: Public-key cryptography

Related lectures (36)

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.