itsMe Posted July 23, 2023 Share Posted July 23, 2023 This is the hidden content, please Sign In or Sign Up ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is currently in its first drafts and will undergo further refinements and additions in future updates for sure. Features Enumerate Domain Administrators via LDAP Enumerate Domaincontrollers via LDAP Enumerate Certificate Authorities via Certipy Exploitation of ESC1 Exploitation of ESC8 Todos Tests, Tests, Tests Enumerate principals which are allowed to dcsync Use dirkjanm’s gettgtpkinit.py to receive a ticket instead of Certipy auth Support DC Certificate Authorities ESC2 – ESC7 ESC9 – ESC11? Automated add an ADIDNS entry if required Support DCSync functionality This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts