Active Directory Certificate Services Exploitation
Explanation Credit: Will Schroeder and Lee Christensen were the ones who originally figured out a lot of the ADCS vulnerabilities.
Continue reading…Active Directory Certificate Services Exploitation
Category: Uncategorized
Silver Ticket in Active Directory
To make it simple: Silver tickets are forged Service tickets. Service tickets are tickets that allow users to access services.
Golden Ticket in Active Directory
Explanation When a user authenticates to a service in an Active Directory network, Kerberos will give them a ticket which
Weak File Permissions – Linux PrivEsc
Weak File Permissions In Linux, file permissions are used to control who can access files and directories and what level
Null Authentication – Active Directory Enumeration
Null Authentication Null Authentication: The client connects to a server (SMB, RPC, etc) without providing any credentials. The server will
Continue reading…Null Authentication – Active Directory Enumeration
Bypass UAC: Windows Privilege Escalation
What is UAC? User Account Control is a security feature in Windows that protects the machine from unauthorized code. Its
Dumping Hashes in Active Directory (Mimikatz)
Mimikatz is a tool that is primarily used for retrieving sensitive information from Windows operating systems. Its commonly used for
Continue reading…Dumping Hashes in Active Directory (Mimikatz)
Kerberoasting – Active Directory
Kerberoasting is a method used to extract password hashes of Active Directory service accounts, which are often used for running
Scheduled Tasks – Windows PrivEsc
Scheduled tasks are automated tasks that run on a predefined schedule or in response to a specific event on a
Transferring files from Kali to Windows
On Kali, start a python webserver Then, download the file on windows
