Closed DidierA closed 4 years ago
Why does reintsall_original_pw use the same attack to logon? At this point the target's account password should be empty, can't we use the hash of an empty password to authenticate?
It’s actually done here: https://github.com/dirkjanm/CVE-2020-1472
Why does reintsall_original_pw use the same attack to logon? At this point the target's account password should be empty, can't we use the hash of an empty password to authenticate?