Lecture

Zerologon Vulnerability in Netlogon Protocol

Description

This lecture covers the Zerologon vulnerability in the Microsoft Netlogon Protocol, allowing attackers to authenticate as arbitrary users or devices without their password. It explains the Netlogon Protocol, session key establishment, flags in NetrServerAuthenticate, and exploiting the vulnerability to send requests. The lecture also delves into changing Active Directory passwords, exploiting the vulnerability to gain domain admin access, and the implications of NTLM hashes. It discusses previous Netlogon vulnerabilities, patches released by Microsoft, and the timeline of events related to Zerologon. References to related whitepapers and scripts are provided, along with insights on the severity of the vulnerability.

About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.