Advanced Search
Search Results
25 total results found
ESC12
ESC13
If a principal (user or computer) has enrollment rights on a certificate template configured with an issuance policy that has an OID group link, then this principal can enroll a certificate that allows obtaining access to the environment as a member of the gro...
ESC14
If we are able to enroll certificates as someone else (user or computer), we can compromise a target principal using explicit certificate mapping. Requirements There is 4 scenarios: ESC14 Scenario A: Write altSecurityIdentities on Target The attacker has writ...
Ressources
SpecterOps https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified_Pre-Owned.pdf ESC13 https://posts.specterops.io/adcs-esc13-abuse-technique-fda4272fbd53 ESC14 https://posts.specterops.io/adcs-esc14-abuse-technique-333a004dc2b9 HTB ADCS https://aca...
checksec
Description checksec is a security auditing tool used to examine compiled binaries and determine what security protections are enabled. It’s commonly used in reverse engineering and binary exploitation to assess the difficulty of exploiting a program. checksec...