all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From DA to EA with ESC5

Add to bookmarks
May 16, 2023, 6:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.

ESC5

You’ve heard of ESC1 and ESC8. But what about ESC5? ESC5 is also known as “Vulnerable PKI Object Access Control”. Will Schroeder and Lee Christensen’s whitepaper mentions three classes of objects when discussing ESC5:


  • The CA server’s AD computer object (i.e., compromise through S4U2Self or S4U2Proxy)

  • The CA server’s RPC/DCOM server

  • Any descendant AD object or container in the container(e.g., the Certificate Templates container, Certification …

access access control compromise computer control domain domain admin enterprise lee object pki server vulnerable whitepaper

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

HijackLoader Updates 51 minutes ago | malware.news
architecture blog code code injection +13
RSAC 2024: U.S. Secretary of State Blinken advocates solidarity, not sovereignty, for cyber 2 hours ago | malware.news
advocates article blinken can +16
Online Scams: Are These All Scams? Distinguishing the Legit from the Scam 5 hours ago | malware.news
advancement authenticity domain etc +14
LNK File Disguised as Certificate Distributing RokRAT Malware 6 hours ago | malware.news
abnormal academy ahnlab asec +27
RSAC 2024: Google on the promise of large language models and cybersecurity 7 hours ago | malware.news
article cybersecurity defensive genai +13
NVIDIA patches three ChatRTX security bugs 9 hours ago | malware.news
apps article bugs chatrtx +10
RSAC 2024: How to use AI without getting in trouble 9 hours ago | malware.news
article don laws link +9
Ubuntu security advisory (AV24-242) 10 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Red Hat security advisory (AV24-241) 10 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs