Thanks for watching! You can access the full ADCS lab setup and download files using the link below:
https://buymeacoffee.com/offensiveopslabs/e/516220
It includes the lab instructions and required resources. Let us know if you need help setting it up.
Blog:https://www.rbtsec.com/blog/active-directory-certificate-attack-adcs-esc6/
#adcs — #ESC6 If the EDITF_ATTRIBUTESUBJECTALTNAME2 is set on CA, then every template with client authentication enabled is vulnerable to ESC1 and can be used to request a certificate with a user-defined Subject Alternative Name even for domain admins.
Educational Disclaimer:
All content is intended for educational purposes only, to promote ethical hacking and security research.
#ADCS #adcsattack #Pentesting #ActiveDirectory #CyberSecurity #EthicalHacking #RedTeam #SecurityResearch #EscalationTechniques #ADSecurity #ESC6 #pentest #internalpentest #redteam
