AD CS ESC4 Privilege Escalation Tutorial | Exploit Active Directory Certificate Services
Вставка
- Опубліковано 22 чер 2024
- Walkthrough of PenTesting Active Directory Certificate Services (AD CS) ESC4 attack. This is a quick and easy way to escalate privileges from a low-level domain user to domain admin by abusing misconfigured template permissions. I will also discuss and verify remediations for this misconfiguration.
Links:
PenTesting ESC8 Walkthrough:
• NTLM relay to AD CS ES...
PenTesting ESC1 Walkthrough:
• AD CS ESC1 Privilege E...
Ceritpy Github:
github.com/ly4k/Certipy
Abusing AD CS Whitepaper:
specterops.io/wp-content/uplo...
00:00 Intro
00:33 Misconfigured Template on CA
02:07 ESC4 Walkthrough
11:08 Revert Changes
13:07 Remediation for ESC4
Appreciate your efforts in making this demo. Very informative.😊