Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cube0x0/noPac

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
https://github.com/cube0x0/noPac

Last synced: 22 days ago
JSON representation

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Host: GitHub
URL: https://github.com/cube0x0/noPac
Owner: cube0x0
Created: 2021-12-11T19:27:30.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2021-12-16T09:50:15.000Z (almost 3 years ago)
Last Synced: 2024-08-05T17:26:09.878Z (4 months ago)
Language: C#
Size: 348 KB
Stars: 1,317
Watchers: 27
Forks: 319
Open Issues: 3
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - cube0x0/noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. (C# #)

README

        # noPac

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. Yet another low effort domain user to domain admin exploit.

If a Domain Controller is vulnerable it will return a TGT without a PAC, all eyes on small size tickets.

![](Images/scan.png)

![](Images/exploit.png)

## Mitigation

Patch your Domain Controllers!

## Credits

[Charlie Clark](https://twitter.com/exploitph) for his Rubeus fork and [Kevin Robertson](https://twitter.com/kevin_robertson) for SharpMad