Monday, June 27, 2022

Chaining Shadow Credentials and ADCS Template Abuse

On a recent red team engagement, our team was tasked with focusing on Active Directory Certificate Services (ADCS) exploitation. The objective was to identify certificate template misconfigurations and potentially achieve privilege escalation by abusing them. The concepts and attacks used were based around the work and whitepaper by Will Shroeder (@harmj0y) and Lee Christensen (@tifkin_).

While many organizations with ADCS implementations are uncovering extremely compromising misconfigurations …

Read More

Latest news
Related news