Garrett
unsignedsh0rt.bsky.social
AdSim @ SpecterOps
Had some fun with PDQ deploy/inventory credential decryption and wrote about it here: unsigned-sh0rt.net/posts/pdq_cr... thanks to @dru1d.bsky.social for writing a BOF out of the POC

tl;dr get admin on PDQ box, decrypt privileged creds
Decrypting PDQ credentials | unsigned_sh0rt's blog
Walkthrough of how PDQ credentials encrypts service credentials
unsigned-sh0rt.net
April 11, 2025 at 9:09 PM
Reposted by Garrett
#SCCM forest discovery accounts can be decrypted—even those for untrusted forests. If the site server is a managed client, all creds can be decrypted via Administration Service API.

Check out our latest blog post from @unsignedsh0rt.bsky.social to learn more. ghst.ly/4buoISp
Decrypting the Forest From the Trees - SpecterOps
TL;DR: SCCM forest discovery accounts can be decrypted including accounts used for managing untrusted forests. If the site server is a managed client, service account credentials can be decrypted via ...
ghst.ly
March 6, 2025 at 8:34 PM
Reposted by Garrett
Awesome new addition to krbrelayx by Hugow from Synacktiv: www.synacktiv.com/publications...
Relaying Kerberos over SMB using krbrelayx
www.synacktiv.com
November 20, 2024 at 4:02 PM
Claude.ai is so sick. I might actually fool people into believing I know how to code with this
Claude
Talk with Claude, an AI assistant from Anthropic
Claude.ai
November 21, 2024 at 5:33 AM
Was doing some digging into "What's New" in Server2025 learn.microsoft.com/en-us/window... specifically the changes to pre-2k machines. Oddvar and I had spoken previously about the changes being solid and demonstrated pre-created machines in ADUC could no longer be set with a default password.
November 15, 2024 at 5:25 AM
Guess this is the place to be then
November 12, 2024 at 4:04 AM