exploiting-zerologon-vulnerability-cve-2020-1472
Audited by Socket on Mar 15, 2026
2 alerts found:
Malware x2
SUSPICIOUS: the skill is an offensive exploitation runbook that enables unauthenticated domain controller compromise, credential dumping, and remote admin access. Its capabilities are internally consistent with its stated red-team purpose, but giving an AI agent exploit and credential-theft instructions makes it high risk and unsuitable for general deployment.
This document is a high-risk exploitation playbook for CVE-2020-1472 (Zerologon) that provides actionable steps to reset a DC machine account password to empty, perform DCSync to extract all domain credential hashes (including krbtgt), and obtain full domain compromise via Pass-the-Hash and Golden Ticket techniques. It should be treated as offensive material: if present where not explicitly authorized, consider it a security incident, remove sensitive content, and investigate authorship and intent. If used for authorized testing, enforce strict approvals, monitoring, and immediate restoration procedures.