filmov
tv
ECS8: The New Domain Escalation That Could Ruin You
Показать описание
How ECS8 Works? Domain escalation just got easier.
PetitPotam + NTLM relay = Domain Admin in minutes.
Here's the breakdown:
1. PetitPotam forces authentication
2. NTLM relay captures the creds
3. ADCS web enrollment is the weak link
4. Generate a DC certificate
5. Use it for instant domain escalation
The scariest part? It works on default configs.
Are your AD Certificate Services properly secured?
If you're unsure, it's time for a thorough review.
Don't wait for an attacker to find this vulnerability first.
Don't forget to like, subscribe, and hit the notification bell to stay updated on the latest in pentesting!
#ADCS #ActiveDirectoryCertificateServices #Cybersecurity #ESC8 #NetworkSecurity #CertificateAuthority #ADCSSecurity #CyberDefense #ITSecurity #RedTeaming #BlueTeam #PrivilegeEscalation #DigitalCertificates #SecurityControls #EthicalHacking #EnterpriseSecurity #InfoSec #ThreatMitigation #CyberThreats
PetitPotam + NTLM relay = Domain Admin in minutes.
Here's the breakdown:
1. PetitPotam forces authentication
2. NTLM relay captures the creds
3. ADCS web enrollment is the weak link
4. Generate a DC certificate
5. Use it for instant domain escalation
The scariest part? It works on default configs.
Are your AD Certificate Services properly secured?
If you're unsure, it's time for a thorough review.
Don't wait for an attacker to find this vulnerability first.
Don't forget to like, subscribe, and hit the notification bell to stay updated on the latest in pentesting!
#ADCS #ActiveDirectoryCertificateServices #Cybersecurity #ESC8 #NetworkSecurity #CertificateAuthority #ADCSSecurity #CyberDefense #ITSecurity #RedTeaming #BlueTeam #PrivilegeEscalation #DigitalCertificates #SecurityControls #EthicalHacking #EnterpriseSecurity #InfoSec #ThreatMitigation #CyberThreats
0:00:55
0:38:26
0:02:15
0:54:52
1:12:53