Recent (and Relevant) Vulnerabilities

Active Directory vulnerabilities emerge frequently, and some can be extremely dangerous.

Here are a few major recent ones:

• ZeroLogon (CVE-2020-1472)
• PrintNightmare (CVE-2021-34527)
• Sam the Admin (CVE-2021-36934)

Important Considerations Before Exploiting Vulnerabilities

• Always get client approval before attempting any exploitation.
• Some of these vulnerabilities can completely break Active Directory—even permanently.
• Before running an attack, ask yourself:
  • How severe is this vulnerability?
  • What are the potential consequences if I exploit it?

Severity Breakdown

• ZeroLogon → Extremely risky: In most cases, do not run this attack.
• PrintNightmare & Sam the Admin → Possibly exploitable, but still requires caution.

Safer Alternatives

Instead of directly attacking, you can check for these vulnerabilities using:

• GitHub scripts
• Various security tools These allow you to determine if Active Directory is vulnerable without actively exploiting it.