David Kennedy
@cyb3rc3lt.bsky.social
Father, husband, hacker, Irish
redteaming.org
redteaming.org
Pinned
David Kennedy
@cyb3rc3lt.bsky.social
· Nov 15
ADCS Exploitation Series — Part 2: Certificate Mapping + ESC15
Certificate mapping is the process at the heart of multiple ADCS vulnerabilities, so I thought it would be appropriate to dedicate it its…
medium.com
Great article on ESC15 especially after you realise PKInit won't work to auth but there is a workaround supplied too.
medium.com/@offsecdeer/...
medium.com/@offsecdeer/...
Looks like linpeas.sh is no more after that code extracting user data was spotted.
November 29, 2024 at 7:24 AM
Looks like linpeas.sh is no more after that code extracting user data was spotted.
Great article on ESC15 especially after you realise PKInit won't work to auth but there is a workaround supplied too.
medium.com/@offsecdeer/...
medium.com/@offsecdeer/...
ADCS Exploitation Series — Part 2: Certificate Mapping + ESC15
Certificate mapping is the process at the heart of multiple ADCS vulnerabilities, so I thought it would be appropriate to dedicate it its…
medium.com
November 15, 2024 at 7:58 AM
Great article on ESC15 especially after you realise PKInit won't work to auth but there is a workaround supplied too.
medium.com/@offsecdeer/...
medium.com/@offsecdeer/...