DES Is Useful... Sometimes

Posted on Tue 08 August 2023 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos

Using DES to hijack AD accounts


Continue reading

External Trusts Are Evil

Posted on Tue 14 March 2023 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos

Breaking trust transitivity for fun and profit


Continue reading

Defending the Three Headed Relay

Posted on Mon 09 May 2022 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos, defence

Investigating Kerberos relaying and defending against it


Continue reading

More sAMAccountName Impersonation

Posted on Sat 11 December 2021 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos

Some more examples of weaponising CVE-2021-42287/CVE-2021-42278


Continue reading

CVE-2021-42287/CVE-2021-42278 Weaponisation

Posted on Fri 10 December 2021 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos

An example of weaponising CVE-2021-42287/CVE-2021-42278


Continue reading

Another Delegation Edge Case

Posted on Mon 17 May 2021 in Active Directory • Tagged with active directory, infrastructure, windows, kerberos

Demonstrating another type of S4U and a use case


Continue reading