all InfoSec news
ADCS ESC13 Abuse Technique
Malware Analysis, News and Indicators - Latest topics malware.news
It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat principals authenticating with a certificate of this template as members of the group, even though the principals are not actual members. Hence, principal with enrollment rights on such a certificate template has the possibility of escalating their privileges with the permissions granted to the group.
We will in …
abuse active directory adcs certificate certificate services configuration directory link policy services template