Update resources zerologon vulnerability
parent
245949eb6c
commit
a9bb545da2
|
@ -69,6 +69,7 @@ This document was designed to be a useful, informational asset for those looking
|
|||
|
||||
## Privilege Escalation
|
||||
### Zerologon
|
||||
* [Cobalt Strike ZeroLogon-BOF](https://github.com/rsmudge/ZeroLogon-BOF)
|
||||
* [CVE-2020-1472 POC](https://github.com/dirkjanm/CVE-2020-1472)
|
||||
* [Zerologon: instantly become domain admin by subverting Netlogon cryptography (CVE-2020-1472)](https://www.secura.com/blog/zero-logon)
|
||||
|
||||
|
@ -90,7 +91,6 @@ This document was designed to be a useful, informational asset for those looking
|
|||
* [No Shells Required - a Walkthrough on Using Impacket and Kerberos to Delegate Your Way to DA](http://blog.redxorblue.com/2019/12/no-shells-required-using-impacket-to.html)
|
||||
|
||||
#### Unconstrained Delegation
|
||||
* [Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)](https://adsecurity.org/?p=1667)
|
||||
* [Domain Controller Print Server + Unconstrained Kerberos Delegation = Pwned Active Directory Forest](https://adsecurity.org/?p=4056)
|
||||
* [Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)](https://adsecurity.org/?p=1667)
|
||||
* [Unconstrained Delegation Permissions](https://blog.stealthbits.com/unconstrained-delegation-permissions/)
|
||||
|
@ -516,6 +516,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c
|
|||
|Password Spraying|4625: An account failed to log on<br>4771: Kerberos pre-authentication failed<br>4648: A logon was attempted using explicit credentials|
|
||||
|
||||
### Resources
|
||||
* [How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472](https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc)
|
||||
* [Securing Active Directory: Performing an Active Directory Security Review](https://www.hub.trimarcsecurity.com/post/securing-active-directory-performing-an-active-directory-security-review)
|
||||
* [ACTIVE DIRECTORY SECURITY ASSESSMENT CHECKLIST](https://www.cert.ssi.gouv.fr/uploads/guide-ad.html)
|
||||
* [ASD Strategies to Mitigate Cyber Security Incidents](https://acsc.gov.au/publications/Mitigation_Strategies_2017.pdf)
|
||||
|
|
Loading…
Reference in New Issue