Abusing Active Directory Certificate Services (Part 3)
| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]
exploit
Abusing Active Directory Certificate Services – Part 2
| Alyssa Snow Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to […]
Abusing Active Directory Certificate Services – Part One
| Alyssa Snow Active Directory Certificate Services (ADCS)1 is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing […]
An SMB Relay Race – How To Exploit LLMNR and SMB Message Signing for Fun and Profit
Jordan Drysdale// This is basically a slight update and rip off of Marcello’s work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr – Zero to DA on an environment through an exposed Outlook Web […]
Malicious Outlook Rule without an EXE
Carrie Roberts // My current favorite exploit is creating malicious outlook rules as described here. The rule is configured to download an executable file with an EXE extension (.exe) when an […]