all InfoSec news
Relaying Kerberos Authentication from DCOM OXID Resolving
Malware Analysis, News and Indicators - Latest topics malware.news
Recently, there's been some good research into further exploiting DCOM authentication that I initially reported to Microsoft almost 10 years ago. By inducing authentication through DCOM it can be relayed to a network service, such as Active Directory Certificate Services (ADCS) to elevated privileges and in some cases get domain administrator access.
The important difference with this new research is taking the abuse of DCOM authentication from local access (in the case of the many Potatoes) to fully remote …
access active directory adcs administrator a network authentication can cases certificate certificate services dcom directory domain exploiting good important kerberos malware analysis microsoft network privileges relaying research service services