You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If attacker has local admin rights on a certification authority machine, he can generate arbitrary certificates with this command that can be used for logging on to the domain with arbitrary accounts (including domain/enterprise admin, domain controllers accounts and the like), without them appearing in the certification authority logs.
The text was updated successfully, but these errors were encountered:
Hi, as described here (in german, use a translator please): https://www.gradenegger.eu/?p=19939
If attacker has local admin rights on a certification authority machine, he can generate arbitrary certificates with this command that can be used for logging on to the domain with arbitrary accounts (including domain/enterprise admin, domain controllers accounts and the like), without them appearing in the certification authority logs.
The text was updated successfully, but these errors were encountered: