A team of cyber-security researchers has developed an experimental exploit that harnesses a patched Windows vulnerability, and the results are quite impressive. The exploit can be used to gain access to the Active Directory domain controllers, which play the role of door guards for computers connected to a network.
The vulnerability carries a critical rating and the maximum threat level according to the Common Vulnerability Scoring System. It does require access to a target network, but that can be achieved easily by using compromised devices or other tactics.
Post-compromise exploits are a great boon for attackers who wish to inject spyware and other types of malicious software on infected machines. One of the easiest ways to breach a secure network is to fool employees into clicking a modified link, usually via email attachments.
In most cases, the greatest challenge is to escalate low-level privileges to gain access to valuable data. The new proof-of-concept exploits developed by the security researchers grant instant access to admin-grade privileges, allowing an attacker to take over Active Directory and perform a variety of tasks or changes without restrictions.
Easy to harness
In a nutshell, once an attacker manages to gain access to the network, they can do whatever they want with little to no effort. The attack is fully unauthenticated, so there is no need to obtain or rely on user credentials, a trait which makes the exploit even more dangerous.
According to the team, their exploit is quite effective, and it won’t be released until the patch issued by Microsoft is installed across a large number of servers. However, others could use the patch to reverse-engineer their way to the vulnerability and develop an alternate exploit that could be even better.
The vulnerability is also known as Zerologon.