exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 2 of 2

Files from Siddharth Balyan

Understanding And Exploiting Zerologon

Posted Jan 6, 2021

Authored by Siddharth Balyan, Nandini Rana

Zerologon is a vulnerability in Microsoft's Netlogon Remote Procedural Call (MS-NRPC) protocol. Specifically, this vulnerability occurs due to an incorrect implementation of the AES-128 Counter Feedback mode of operation. This vulnerability was given a CVSS score of 10 by Microsoft and can be carried out by anyone with a foothold in the network. This paper aims to explain the detail and working of MS-NRPC protocol, its vulnerability, and finally cover how to exploit it, something which the original paper by Secura left out.

tags | paper, remote, protocol

advisories | CVE-2020-1472

MD5 | 941b59db31d2ceb9c4233ac44fa7d62a

Download | Favorite | View

The R.A.T In The Shell

Posted Feb 14, 2020

Authored by Pradyumn Khanchandani, Siddharth Balyan, Monika Arora

This whitepaper is an analysis of the breach into the Kudankulam Nuclear Power Plant through the lens of Cyber Kill Chain, the study of remote access trojans, and the targeting of critical infrastructure.

tags | paper, remote, trojan

MD5 | c9ed98dbcbf5c0a3dfbec128ccf74d1b

Download | Favorite | View