Wp Header Logo 18

noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Note: If -host-name is not specified, the tool will automatically get the domain control hostname, please select the hostname of the host specified by -dc-ip. If –impersonate is not specified, the tool will randomly choose a doamin admin to exploit. Use ldaps by default, if you get ssl error, try add -use-ldap .



Find the computer that can be modified by the current user.


Exp: add -no-add and target with -target-name.

Find CreateChild account, and use the account to exploit.

Exp: add -create-child


Leave a Comment

Leave a Reply

Your email address will not be published.

Toxssin – An XSS Exploitation Command-Line Interface And Payload Generator

ApacheTomcatScanner – A Python Script To Scan For Apache Tomcat Server Vulnerabilities

Doenerium – Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client Etc.)

Hackers Are Hiding Malware In Space Images Taken From James Webb Space Telescope