PKXLIVE / zerologon

Test script for CVE-2020-1472 for both RPC/TCP and RPC/SMB

Zerologon test for SMB & RPC

A Python script based on the SecuraBV script.

Demonstrates that CVE-2020-1472 can be done via RPC/SMB, and not only over RPC/TCP.

Additionally, there is a random byte in the final client challenge and client credential, to test against trivial IDS signatures. The RPC/SMB scan runs by default. Some target servers may require a valid authenticated user to get permission to the netlogon pipe.
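For defenders, the random byte matters because an exact-match rule stops firing when one byte of each field changes. The sketch below is an added example, not part of this repository or the SecuraBV script: it compares an exact all-zero signature with a tolerant per-source check. It assumes the trivial signature is an exact match on all-zero fields; the record layout, sample values and both thresholds are also assumptions.

```python
from collections import defaultdict

# Constructed sample records (not captured traffic): source address, the
# ClientChallenge from NetrServerReqChallenge and the ClientCredential from
# the NetrServerAuthenticate call that follows, both 8 bytes, hex-encoded.
SAMPLE_EVENTS = [
    ("10.0.0.5", "0000000000000000", "0000000000000000"),
    ("10.0.0.7", "00000000000000a7", "00000000000000a7"),
    ("10.0.0.7", "000000000000003c", "000000000000003c"),
    ("10.0.0.7", "00000000000000f1", "00000000000000f1"),
    ("10.0.0.9", "8f3a11c94be7025d", "41d09c6e7aa3b812"),
]

MIN_ZERO_BYTES = 6  # assumption: this many zero bytes out of 8 is suspicious
MIN_ATTEMPTS = 3    # assumption: kept low for the sample, tune for real traffic


def naive_match(challenge: bytes, credential: bytes) -> bool:
    """Trivial signature: both fields are exactly eight zero bytes."""
    return challenge == bytes(8) and credential == bytes(8)


def mostly_zero(field: bytes) -> bool:
    """Tolerant check: a mostly-zero field, whatever the stray byte is."""
    return len(field) == 8 and field.count(0) >= MIN_ZERO_BYTES


def naive_sources(events):
    """Sources the exact all-zero signature would flag."""
    return {src for src, chal, cred in events
            if naive_match(bytes.fromhex(chal), bytes.fromhex(cred))}


def suspicious_sources(events, min_attempts=MIN_ATTEMPTS):
    """Return {source: count} for sources repeating mostly-zero handshakes."""
    hits = defaultdict(int)
    for src, chal_hex, cred_hex in events:
        chal, cred = bytes.fromhex(chal_hex), bytes.fromhex(cred_hex)
        if mostly_zero(chal) and mostly_zero(cred):
            hits[src] += 1
    return {src: n for src, n in hits.items() if n >= min_attempts}


if __name__ == "__main__":
    print("exact signature :", naive_sources(SAMPLE_EVENTS))
    print("tolerant + count:", suspicious_sources(SAMPLE_EVENTS))
```

On the constructed records, the exact signature never sees the source that varies the final byte, while the tolerant check counts all three of its attempts.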

Execution

usage: zerologon_test.py [-h] [-u] [-d] [-p] [-t] [-pp] dc_name dc_ip

Perform zerologon test over RPC/TCP or RPC/SMB

positional arguments:
  dc_name               NetBIOS name of the domain controller
  dc_ip                 ip address of the domain controller

optional arguments:
  -h, --help, /?, /h, /help
                        show this help message and exit
  -u , --user           authenticated domain user,may be required for SMB
  -d , --domain         domain name, required only when authentication over SMB
  -p , --pass           authenticated domain user's password, may be required for SMB
  -t , --type           rpc or smb scan. choices: [smb, rpc], (default: 'smb').
  -pp, --privacy        if exists adds packet privacy

License: MIT License

