Security Research

We have followed this BT KB Article - KB0016985 : How to confirm AD connectivity - Prerequisites required by Password Safe for Active Directory connections on to solve the issues of AD Connectivity. 2024-11-08 16:06:26.354 +00:00 [Debug] ()  Starting BTTestADGroupResolutionTool 1.2.1.0 2024-11-08 16:07:42.855 +00:00 [Debug] ()  Starting BTTestADGroupResolutionTool 1.2.1.0 2024-11-08 16:08:31.147 +00:00 [Information] ()  Attempting connectionless LDAP query 2024-11-08 16:08:33.711 +00:00 [Information] ()  Successfully got a response? True 2024-11-08 16:08:33.712 +00:00 [Debug] ()  LDAP ping took 00:00:02.5639690 2024-11-08 16:08:33.712 +00:00 [Information] ()  About to do lookup for the entered user 2024-11-08 16:08:33.713 +00:00 [Debug] ()  GetPrincipalForDomain-> usessl:True, domainname:UGX1ADDC01N01,adusername:srv_bt_BindAcc 2024-11-08 16:08:33.713 +00:00 [Debug] ()  GetPrincipalForDomain-> using the ADCred setup for the domain UGX1ADDC01N01 2024-11-08 16:08:33.715 +00:00 [Info

Abuse of Active Directory Certificate Services has been on the rise since 2021, with a growing number of techniques to abuse misconfigured template or vulnerable services. These are fairly common in enterprise environments and can provide attackers with a path to easily authenticate as a domain administrator from any standard domain account.I can highly recommend the posts by Raul Carmona and colleagues on ADCS attack paths:https://www.beyondtrust.com/blog/entry/esc1-attacks https://www.beyondtrust.com/blog/entry/esc4-attacksWe also have a webinar on the topic which includes an explanation and a demo of how these attacks work:https://www.beyondtrust.com/webinars/iam-leaders-and-ad-admins-are-ad-cs-misconfigurations-and-similar-issues-giving-every-user-a-path-to-your-domain-adminA few questions for discussion:Is this an area that you are actively looking into? Do you need assistance or education in these areas to help you understand them better? Have you uncovered these vulnerabilities