search

guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0
6.67k stars 785 forks source link

Zerologon adds suspicious password #1768

Closed VakarisZ closed 2 years ago

VakarisZ commented 2 years ago

Describe the bug

After zerologon + wmi are ran on all exploitable machines, a new password appears in the configuration. That password doesn't look like a typical password and the orgin of it is unknown.

To Reproduce

Steps to reproduce the behavior:

  1. Configure WMI + zerologon exploiter + all machines exploitable by these
  2. Run the agent
  3. Check config, see the long password that looks like a concatenation of hashes

Tasks

VakarisZ commented 2 years ago

Closed, moved to https://github.com/guardicore/monkey/issues/1771