risksense / zerologon

Exploit for zerologon cve-2020-1472
MIT License

why bruteforce in reinstall_original_pw ? #3

Closed DidierA closed 4 years ago

DidierA commented 4 years ago

Why does reinstall_original_pw use the same attack to log on? At this point the target's account password should be empty; can't we use the hash of an empty password to authenticate?

DidierA commented 4 years ago

It’s actually done here: https://github.com/dirkjanm/CVE-2020-1472