all InfoSec news
From DA to EA with ESC5
May 16, 2023, 6:20 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.
ESC5
You’ve heard of ESC1 and ESC8. But what about ESC5? ESC5 is also known as “Vulnerable PKI Object Access Control”. Will Schroeder and Lee Christensen’s whitepaper mentions three classes of objects when discussing ESC5:
- The CA server’s AD computer object (i.e., compromise through S4U2Self or S4U2Proxy)
- The CA server’s RPC/DCOM server
- Any descendant AD object or container in the container(e.g., the Certificate Templates container, Certification …
access access control compromise computer control domain domain admin enterprise lee object pki server vulnerable whitepaper
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Security Operations Program Manager
@ Microsoft | Redmond, Washington, United States
Sr. Network Security engineer
@ NXP Semiconductors | Bengaluru (Nagavara)
DevSecOps Engineer
@ RP Pro Services | Washington, District of Columbia, United States
Consultant RSSI H/F
@ Hifield | Sèvres, France
TW Senior Test Automation Engineer (Access Control & Intrusion Systems)
@ Bosch Group | Taipei, Taiwan
Cyber Security, Senior Manager
@ Triton AI Pte Ltd | Singapore, Singapore, Singapore