Privilege Escalation with Certify
Offered By: Pluralsight
Course Description
Overview
Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.
During a Red Team engagement, after you have established a foothold and persistence on a system, you will want to elevate your privileges to further compromise the environment. Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be utilized to find and compromise vulnerable configurations of Active Directory Certificate Services. In this course, Privilege Escalation with Certify, we will use Certify to elevate our domain privileges by a few different methods available with the tool including abusing misconfigured Certificate Templates, vulnerable certificate and PKI Access Control Lists and using NTLM Relay to add AD Certificate Services Endpoints. We will even see how we can use AD CS to extract valid NTLM hashes for users and establish long term persistence all without having to touch LSASS.
During a Red Team engagement, after you have established a foothold and persistence on a system, you will want to elevate your privileges to further compromise the environment. Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be utilized to find and compromise vulnerable configurations of Active Directory Certificate Services. In this course, Privilege Escalation with Certify, we will use Certify to elevate our domain privileges by a few different methods available with the tool including abusing misconfigured Certificate Templates, vulnerable certificate and PKI Access Control Lists and using NTLM Relay to add AD Certificate Services Endpoints. We will even see how we can use AD CS to extract valid NTLM hashes for users and establish long term persistence all without having to touch LSASS.
Syllabus
- Course Overview 1min
- Privilege Escalation with Certify 16mins
- Resources 1min
Taught by
Kat Seymour
Related Courses
Active Directory Domain ServicesMicrosoft via Microsoft Learn Windows Server 2019 Training – Active Directory Certificate Service Step by Step
YouTube Managing Active Directory Certificate Service on Windows Server 2019
YouTube Microsoft 70-742: Identity in Windows Server 2016
Udemy Windows Server 2016: Active Directory Certificate Services
LinkedIn Learning