Awesome
Invoke-ZeroLogon
This code was heavily adapted from the C# implementation by the NCC Group's Full Spectrum Attack Simulation team and the original CVE published by Secura. This script can be run in two modes:
- When the reset parameter is set to True, the script will attempt to reset the target computer’s password to the default NTLM hash (essentially an empty password).
- By default, reset is set to False and will simply scan if the target computer is vulnerable to the ZeroLogon exploit (CVE-2020-1472).
WARNING: Resetting the password of a Domain Controller is likely to break the network. DO NOT use the reset parameter against a production system unless you fully understand the risks and have explicit permission.