I just wanted to thank you for getting this information out there. You also broke it down in a very easy to understand way. Most importantly you shed light on the remediation path. Other posts have been vague to misleading when it comes to how you should fix this vulnerability. Thank YOU!!!

@villaroot

7 ай бұрын

Very welcome! I'm glad you enjoyed the work I put into it!

Excellent run through!

Great Clip! Thanks you. Would be great one day if you covered all 8 🙂

@villaroot

5 ай бұрын

I was wondering if that would be valuable to ppl. So thanks for letting me know it might be!

Great content

This is a great explanation.

@villaroot

5 ай бұрын

Thanks! I'm glad you liked it

Great vid man!

@villaroot

3 ай бұрын

Thanks!

good one 👍🏻

Excellent video, I learned this attack from this video half a year ago but I have one question that still: If the HTTP NTLM authentication would use HTTPS instead of just cleartext, how would that change this attack vector if at all?

@villaroot

2 ай бұрын

Thanks for the support! I was digging more into the HTTPS mitigation. And it looks like just having HTTPS wont fix it, it also has to have extended protection and authentication (EPA) set to 'required'. support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429

Hi, would you share any blog post on how to setup ESC8 in my AD lab environment?

@villaroot

Жыл бұрын

Here's a good blog about setting up AD CS on a server. To get the ESC8 vuln, select the 'Web enrollment' role when you are in the 'role services' section. dinika-15.medium.com/installing-active-directory-certificate-services-ad-cs-4db7d0950289

@cmphande

11 ай бұрын

how to contact you on LinkedIn?

@cmphande

11 ай бұрын

I have personal educational questions to ask you.

@villaroot

11 ай бұрын

@@cmphande Hi, I have a twitter you can message me on at Villaroot