PetitPotam

Lateral Movement – WebClient

Coercing elevated accounts such as machine accounts to authenticate to a host under the control of an attacker can provide an opportunity for privilege escalation… Continue reading → Lateral Movement – WebClient

3 years ago

Pentestlab

Open in Source

#Lateral Movement #PetitPotam #RBCD #Red Team #Resource Based Constrained Delegation #WebDAV #web #mac

PetitPotam – NTLM Relay to AD CS

Deployment of an Active Directory Certificate Services (AD CS) on a corporate environment could allow system administrators to utilize it for establishing trust between different… Continue reading → PetitPotam – NTLM Relay to AD CS

3 years ago

Pentestlab

Open in Source

#Domain Escalation #Active Directory #AD CS #Certificate #Mimikatz #NTLM Relay #PetitPotam #Rubeus

Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail

Hello everyone! Yet another news episode. Microsoft’s August Patch Tuesday Let’s start with Microsoft’s August Patch Tuesday. I think the most interesting thing is that it contains a fix for the PetitPotam vulnerability. I talked about this vulnerability two weeks ago. At the time, Microsoft had no plans to release a patch because PetitPotam was […]

3 years ago

Alexander V. Leonov

Open in Source

#blog #Security News #Video #Vulnerability #Vulristics #Microsoft #NTLM #PetitPotam #reCAPTCHA #RouterScan

Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs

Hello everyone! Last Week’s Security News, July 26 – August 1. Serious Sam in Metasploit Last week I talked about the Serious Sam vulnerability (CVE-2021-36934), also known as HiveNightmare. The name HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files called hives. Due to mismanagement […]

Tag

#PetitPotam