Wednesday, October 27, 2021

Using PetitPotam to NTLM relay to Domain Administrator

From Stranger to DA // Using PetitPotam to NTLM relay to Domain Administrator

Knock knock, who’s there? Your new DA!

Several vulnerabilities that have been recently disclosed, namely:

MS-EFSRPC – AKA PetitPotam

– AKA PetitPotam Credential Relaying abusing the AD CS role

Any attacker with internal network access, such as a phished client or a malicious planted device in the network, can take over the entire Active Directory domain without any initial credentials. Domain Controllers and AD CS…

Read More

Latest news
Related news