AD CS ESC1 Privilege Escalation Tutorial | Exploit Active Directory Certificate Services
Walkthrough of PenTesting Active Directory Certificate Services (AD CS) ESC1 attack. This is a quick and easy way to escalate privileges from a low-level domain user to domain admin. I will also discuss and verify remediations for this misconfiguration.
Links:
PenTesting ESC8 Walkthrough:
• NTLM relay to AD CS ES...
Ceritpy Github:
github.com/ly4k/Certipy
Abusing AD CS Whitepaper:
specterops.io/wp-content/uplo...
DFSCoerce Github:
github.com/Wh04m1001/DFSCoerce
00:00 Intro
01:30 ESC1 Walkthrough
10:06 Remediation
14:31 Verify Remediation
Пікірлер: 4
Very good video.
could you make videos for multiple domain with firewall in a AD
Could you make videos on other esc attacks as well ?
@villaroot
Жыл бұрын
Yeah sure! I work on that