all InfoSec news
From DA to EA with ESC5
May 16, 2023, 6:14 p.m. | Andy Robbins
Security Boulevard securityboulevard.com
There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.
ESC5
You’ve heard of ESC1 and ESC8. But what about ESC5? ESC5 is also known as “Vulnerable PKI Object Access Control”. Will Schroeder and Lee Christensen’s whitepaper mentions three classes of objects when discussing ESC5:
- The CA server’s AD computer object (i.e., compromise through S4U2Self or S4U2Proxy)
- The CA server’s RPC/DCOM server
- Any descendant AD object or container in the container(e.g., the Certificate Templates container, Certification …
access access control bloodhound-enterprise computer control cybersecurity domain domain admin enterprise lee microsoft object pki research sbn news security server vulnerable whitepaper
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
Red Team Penetration Tester and Operator, Junior
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
Director, Security Operations & Risk Management
@ Live Nation Entertainment | Toronto, ON
IT and Security Specialist APAC (F/M/D)
@ Flowdesk | Singapore, Singapore, Singapore
Senior Security Controls Assessor
@ Capgemini | Washington, DC, District of Columbia, United States; McLean, Virginia, United States
GRC Systems Solution Architect
@ Deloitte | Midrand, South Africa
Cybersecurity Subject Matter Expert (SME)
@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States