hey, this is really serious!!! thanks to the work of @[email protected] (kpasswd protocol in impacket), managed to exploit this easily on a Samba AD Domain.
with a normal user, successfully changed the Administrator password.
(sorry for the blanking, this is a prod domain :) ) https://twitter.com/subtee/status/1589250212736176129
https://twitter.com/an0n_r0/status/1589405818885398528