| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation [β¦]
The post Abusing Active Directory Certificate Services (Part 3) appeared first on Black Hills Information Security, Inc..
Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to domain administrator.
The post Abusing Active Directory Certificate Services (Part 2) appeared first on Black Hills Information Security, Inc..
Active Directory Certificate Services (ADCS) is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing certificates for systems, users, applications, and more.
The post Abusing Active Directory Certificate Services (Part 1) appeared first on Black Hills Information Security, Inc..
Jordan Drysdale// This is basically a slight update and rip off of Marcelloβs work out here: https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html /tl;dr β Zero to DA on an environment through an exposed Outlook Web [β¦]
The post An SMB Relay Race β How To Exploit LLMNR and SMB Message Signing for Fun and Profit appeared first on Black Hills Information Security, Inc..
Β Carrie RobertsΒ // My current favorite exploit is creating malicious outlook rules as described here. The rule is configured to download an executable file with an EXE extension (.exe) when an [β¦]
The post Malicious Outlook Rule without an EXE appeared first on Black Hills Information Security, Inc..
Login
