Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Administered by:

Server stats:

223
active users

eupolicy.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#activedirectory

3 posts3 participants0 posts today
Public
:mastodon: decio

Tiens, il y a un PoC d'exploitation pour la vulnérabilité BadSuccessor 👀

BadSuccessor, est une technique d'escalade de privilèges dans Active Directory. Elle exploite l’attribut peu connu dMSA ( delegated Managed Service Account) pour injecter un objet malveillant. Si un utilisateur a juste les droits "CreateChild" sur une OU (Organizational Unit), il peut créer un compte spécial et s’en servir pour devenir Domain Admin.

( 91% des environnements d'entreprise analysés par Akamai sont vulnérables à cette attaque. )
👇
akamai.com/blog/security-resea

Et maintenant, il y a un PoC fonctionnel côté offensive.
⬇️
SharpSuccessor
Un outil .NET qui automatise le processus. Il permet à un utilisateur peu privilégié de :

  • Créer un objet dMSA piégé dans une OU sur laquelle il a les droits "CreateChild"

  • Associer cet objet à sa propre session utilisateur

  • Et obtenir les privilèges de domaine admin
    👇
    github.com/logangoins/SharpSuc

Mitigation

"Until a formal patch is released by Microsoft, defensive efforts should focus on limiting the ability to create dMSAs and tightening permissions wherever possible."

  • Limiter les droits "CreateChild" :
    Réviser les permissions sur les OU et restreindre la création d’objets aux seuls comptes administratifs de confiance.

  • Surveiller les créations et modifications de dMSA :
    Configurez des audits pour les événements AD pertinents (Event IDs 5136, 5137) afin de détecter toute activité suspecte liée aux dMSA.

  • Utiliser des outils de détection :
    Employer des scripts comme Get-BadSuccessorOUPermissions.ps1 ( github.com/akamai/BadSuccessor ) pour identifier les comptes ayant des permissions à risque pour remédiation.

[ dans les news infosec ]
⬇️
"SharpSuccessor PoC Released to Weaponize Windows Server 2025 BadSuccessor Flaw"
👇
gbhackers.com/sharpsuccessor-p

#CyberVeille#BadSuccessor#PoC
Public *
Christoph Schmees

Microsoft will Fehler nicht flicken

In Server 2025 hat Microsoft (MS) eine neue Funktion namens dMSA eingeführt. Diese Funktion enthält eine Sicherheitslücke, die schon in Standard-Konfiguration funktioniert und trivial für Angriffe ausnutzbar ist. Das hat der CDN-Provider Akamai herausgefunden und an MS gemeldet, sogar begleitet von einem PoC Exploit.

pc-fluesterer.info/wordpress/2

www.pc-fluesterer.infoMicrosoft will Fehler nicht flicken | pc-flüsterer bremen
#Hintergrund#Warnung#0day
Public *
Marco Ivaldi

A couple of days ago, I unearthed my first #computer, an #MSX straight from the ‘80s. It was lost in some box in the basement for who knows how long. Just feeling its power switch gave me the goosebumps…

This discovery came after sharing my hacker’s origin story with Nic Fillingham and Wendy Zenone in a new episode of Microsoft’s #BlueHat #Podcast.

thecyberwire.com/podcasts/the-

Join us while we chat about my first-ever #CVE, overlooked #vulnerabilities that continue to pose significant risks today, #ActiveDirectory and #password security, my unexpected journey into #bugbounty hunting and my involvement in the #ZeroDayQuest, how to learn new things, mentorship and positive leadership, and of course pineapple pizza 🍍🍕

This is how you make a hacker
Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

GOAD (Game of Active Directory) by Orange-Cyberdefense is a lab for pentesting Active Directory environments. With multiple configurations like GOAD-Mini and SCCM labs, it helps security professionals practice AD attack techniques. Caution: Designed for isolated lab use only. #ActiveDirectory #Cybersecurity

🔗 Project link on #GitHub 👉 github.com/Orange-Cyberdefense

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

Active Directory Certificate Services (AD CS) can be a goldmine if misconfigured. Tools like Certipy simplify enumeration and abuse, leveraging techniques like Shadow Credentials, Golden Certificates, and domain escalation paths (ESC1-ESC11). #CyberSecurity #RedTeam

Certipy's `shadow` command exemplifies ADCS weaknesses. By manipulating `msDS-KeyCredentialLink`, you can take over accounts via PKINIT. It's seamless but devastating for privilege escalation. #Pentesting #ActiveDirectory

Golden Certificates mimic Golden Tickets but target ADCS. Using a compromised CA private key, an attacker can forge certs for domain controllers or users. Certipy automates this process—caution with CA backups. #InfoSec #PKI

🔗 Project link on #GitHub 👉 github.com/ly4k/Certipy

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
Cassander

Is today #FediHire Friday? Sure looks like it!

What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large environment. Interested in relocating outside of the US. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively.

My main focus the last few years has been rebuilding and modernizing a struggling certificate management team. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack, getting a handle on our web PKI consumption, and making massive improvements to our certificate lifecycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My background in understanding deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.

This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've been training and teaching junior and mid-level engineers both practical PKI concepts and our specific enterprise requirements. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.

While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.

My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.

In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can do their best.

Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.

PMs open if you want to talk details. Boosts/reshares appreciated.

#Job#GetFediHired#ITJobs
Public
heise Security

Am Dienstag: Das Active-Directory-Webinar von heise security

Wer ein Active Directory betreibt, sollte Ebenen trennen und gesicherte Admin-Workstations nutzen. Dieses Webinar gibt praktische Hilfe bei der Umsetzung.

heise.de/news/Am-Dienstag-Das-

heise online · Am Dienstag: Das Active-Directory-Webinar von heise security
More from ju
#ActiveDirectory#Security#news
Replied in thread
Public
Peter König

@HonkHase

Lass mich raten: Es wurden die vier Reiter der digitalen Apokalypse eingesetzt: #Windows, #MSO, #Outlook und #ActiveDirectory?

Btw: Gibt es Versicherungen für Unternehmen, die das Risiko für den leichtfertigen Einsatz proprietärer Software am Malus auf der Rechnung erkennbar machen?

Und die bei Nutzung von "nachgewiesen gut abgehangener, FOSS" sowie sauberen Geschäftsprozessen günstigere Konditionen einräumen, weil sich Risikowerte dann überhaupt erst #voodoofrei ermitteln lassen?

ExploreLive feeds
About