Understanding and Exploiting Zerologon

This paper aims to explain the detailed working of Zerologon vulnerability. Zerologon vulnerability arise due to insecure implementation of AES-128 Counter Feedback Mode of Operation in Microsoft Netlogon Remote Procedure Calls (MS-NRPC) protocol.

Key Pointers:

Understanding what is Netlogon protocol and how it works.
Different vulnerabilities in this protocol and how to check for them.
Prerequisites to setup the lab to perform the exploit.
Running the testers and crafting the exploit.
Mitigatiuons and Preventions to prevent such attacks.

Download Research Paper

Blog

Feb 19, 2025

How to Identify Hidden Risks in Your Vendor Ecosystem

Blog

Feb 19, 2025

Introducing the SAFE Cyber Risk Podcast with Former BofA CTO David Reilly on How to Manage Cyber Risk at Enterprise Scale

Blog

Feb 18, 2025

Understanding and Exploiting Zerologon

SUBSCRIBE TO WEEKLY BLOG NEWSLETTER

RELATED POSTS

How to Identify Hidden Risks in Your Vendor Ecosystem

Introducing the SAFE Cyber Risk Podcast with Former BofA CTO David Reilly on How to Manage Cyber Risk at Enterprise Scale

Why Third-Party Risk Is the CFO’s Newest Problem

SHARE THE PAGE