Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
2 résultats taggé active-directory  ✕
Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293) https://birkep.github.io/posts/Windows-LPE/#proof-of-concept-code
08/02/2025 14:28:06
QRCode
archive.org
thumbnail

In September of 2024 while on a customer assigment I encountered the “Network Configuration Operators” group, a so called builtin group of Active Directory (default). As I had never heard of or encountered this group membership before, it sprung to eye immediately. Initially I tried to look up if it had any security implications, like its more known colleagues DNS Admins and Backup Operators, but to no avail. Surpisingly little came up about the group but I couldn’t help myself from probing further. This led me down the rabbithole of Registry Database access control lists and possibilities of weaponization, culminating with the discovery of CVE-2025-21293. Before we move along to the body of work, I have to give out a special thanks to Clément Labro, who initially did the heavy lifting of finding a way to weaponize performancecounters. (This will hopefully make more sense by the end of the article) and my colleagues at ReTest Security ApS, who have provided me with knowledge in the field and the oppertunity to put it to use.

birkep EN 2025 CVE-2025-21293 vulnerability Active-Directory Network Configuration Operators
CVE-2022-26925 : Patchez vos machines Windows sans attendre https://www.it-connect.fr/securite-cve-2022-26925-relais-ntlm-cette-vulnerabilite-touche-toutes-les-versions-de-windows/
11/05/2022 17:42:36
QRCode
archive.org
thumbnail

CVE-2022-26925 : Microsoft a corrigé une faille de sécurité zero-day qui touche toutes les versions de Windows et qui permet une attaque par relais NTLM.

it-connect FR NTLM active-directory microsoft windows entreprise CVE-2022-26925
4490 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio