Quantcast
Channel: Hacking Articles|Raj Chandel's Blog

Image may be NSFW.
Clik here to view.

Abusing AD-DACL : Generic ALL Permissions

 In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the Generic ALL permission in Active Directory environments. This permission provides unrestricted access...

View Article


Image may be NSFW.
Clik here to view.

Abusing AD-DACL: ForceChangePassword

 In this post, we explore the exploitation of Discretionary Access Control Lists (DACL) using the ForcePasswordChange permission in Active Directory environments. This permission is especially...

View Article


Image may be NSFW.
Clik here to view.

Abusing AD-DACL: AllExtendedRights

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the AllExtendedRights permission in Active Directory environments. With this permission, attackers can...

View Article

Image may be NSFW.
Clik here to view.

Abusing AD-DACL: GenericWrite

 In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the GenericWrite permission in Active Directory environments. This permission can be exploited by...

View Article

Image may be NSFW.
Clik here to view.

Abusing AD-DACL: WriteDacl

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteDacl permission in Active Directory environments. Attackers can abuse WriteDacl permissions to...

View Article


Image may be NSFW.
Clik here to view.

Abusing AD-DACL: WriteOwner

 In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteOwner permission in Active Directory environments. The WriteOwner permission can be abused by...

View Article

Image may be NSFW.
Clik here to view.

Active Directory Pentesting Using Netexec Tool: A Complete Guide

Active Directory (AD) penetration testing is an essential part of the security assessment of enterprise networks. The Netexec tool offers a wide range of capabilities for AD enumeration, credential...

View Article

Image may be NSFW.
Clik here to view.

Abusing AD-DACL: AddSelf

In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the AddSelf permission in Active Directory environments. By exploiting this misconfiguration, attackers...

View Article


Image may be NSFW.
Clik here to view.

Diamond Ticket Attack: Abusing kerberos Trust

The Diamond Ticket attack represents a sophisticated escalation in Active Directory (AD) exploitation methods, leveraging intricate flaws in Kerberos authentication and authorization mechanisms. This...

View Article


Image may be NSFW.
Clik here to view.

Credential Dumping: AD User Comment

In this article, we shall explore different tools & techniques that help us enumerate Active Directory (AD) users' passwords using which an attacker can expand their access within the organization....

View Article

Image may be NSFW.
Clik here to view.

Abusing AD Weak Permission Pre2K Compatibility

Pre2K (short for "Pre-Windows 2000")Active Directory misconfigurations often stem from overlooked legacy settings in Windows environments. Common issues include enabling NTLM or SMBv1 for backward...

View Article

Image may be NSFW.
Clik here to view.

Shadow Credentials Attack

In this post, we explore the exploitation technique known as the Shadow Credentials attack. This attack leverages the mismanagement or exploitation of Active Directory Certificate Services (AD CS) to...

View Article

Image may be NSFW.
Clik here to view.

Credential Dumping: GMSA

Abusing AD-DACL: ReadGMSAPasswordReadGMSAPassword Attack is a technique where attackers abuse misconfigured Group Managed Service Accounts (gMSA) to retrieve their passwords. In Active Directory, only...

View Article


Image may be NSFW.
Clik here to view.

AD Certificate Exploitation: ESC1

The AD CS (Active Directory Certificate Services) certificate template is a predefined configuration in Microsoft AD CS that defines the type of certificate a user, computer, or service can request. It...

View Article

Image may be NSFW.
Clik here to view.

Sapphire Ticket Attack: Abusing Kerberos Trust

 The broad usage of Active Directory has made Kerberos attack the bread and butter of many hackers. Researchers have discovered the following new attacks techniques that allow an adversary to gain...

View Article


Image may be NSFW.
Clik here to view.

AD Certificate Exploitation: ESC2

 In the previous article of this AD CS series, we covered the basics of AD CS and demonstrated ESC1, one of the privilege escalation techniques. In this post, we'll explore ESC2 another escalation...

View Article

Image may be NSFW.
Clik here to view.

AD CS ESC3: Enrollment Agent Template

IntroductionActive Directory Certificate Services (ADCS) is commonly targeted in ESC3 certificate attacks, which exploit misconfigurations in certificate templates to enable serious vulnerabilities...

View Article


Image may be NSFW.
Clik here to view.

ESC4

 

View Article

Image may be NSFW.
Clik here to view.

AD CS ESC5 - Vulnerable PKI Object Access Control

 

View Article

Image may be NSFW.
Clik here to view.

ESC6 - EDITF_ATTRIBUTESUBJECTALTNAME2

The ESC6 attack is a sophisticated privilege escalation technique that targets Active Directory Certificate Services (ADCS). By exploiting misconfigured certificate templates and overly permissive CA...

View Article

Image may be NSFW.
Clik here to view.

ADCS ESC7 - Vulnerable Certificate Authority Access Control

View Article


Image may be NSFW.
Clik here to view.

Understanding the HTTP Protocol

 HTTP (Hyper Text Transfer Protocol) is basically a client-server protocol, wherein the client (web browser) makes a request to the server and in return, the server responds to the request. The...

View Article


Image may be NSFW.
Clik here to view.

Password Cracking: FTP

View Article

Image may be NSFW.
Clik here to view.

ADCS ESC8 – NTLM Relay to AD CS HTTP Endpoints

View Article

Image may be NSFW.
Clik here to view.

A Detailed Guide on Certipy

View Article



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>