search for: zerologon_tester

Displaying 4 results from an estimated 4 matches for "zerologon_tester".

2020 Sep 15
4
Does CVE-2020-1472 impact samba AD domains?
Hi, I saw https://blog.rapid7.com/2020/09/14/cve-2020-1472-zerologon-critical-privilege-escalation/ and https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 today and I am wondering what impact if any this has on samba AD domains in particular and samba in general? Is samba using the "vulnerable Netlogon secure channel connection"? Will samba continue to
2020 Sep 16
0
Does CVE-2020-1472 impact samba AD domains?
Yes $ ./zerologon_tester.py ap42 192.168.1.2 Performing authentication attempts... =================================================================================================================================================================================================================================================...
2020 Sep 16
2
Samba impact of "ZeroLogin" CVE-2020-1472
...and packages to change this default, as values of:
- server schannel = no
- server schannel = auto
are NOT secure and we expect can result in full domain compromise, particularly for AD domains. Some public exploit tests, such as https://github.com/SecuraBV/CVE-2020-1472/blob/master/zerologon_tester.py only confirm that a ServerAuthenticate3 call operates, but not that the ServerPasswordSet2 call required to exploit the domain also operates. We are well aware of administrator concern and are looking to provide patches that provide mitigation here, to make the ServerAuthenticate3 call al...
2020 Sep 16
2
Samba impact of "ZeroLogin" CVE-2020-1472
...and packages to change this default, as values of:
- server schannel = no
- server schannel = auto
are NOT secure and we expect can result in full domain compromise, particularly for AD domains. Some public exploit tests, such as https://github.com/SecuraBV/CVE-2020-1472/blob/master/zerologon_tester.py only confirm that a ServerAuthenticate3 call operates, but not that the ServerPasswordSet2 call required to exploit the domain also operates. We are well aware of administrator concern and are looking to provide patches that provide mitigation here, to make the ServerAuthenticate3 call al...