gdedrouas / exchange-ad-privesc Goto Github PK
View Code? Open in Web Editor NEWExchange privilege escalations to Active Directory
License: MIT License
exchange-ad-privesc's People
Contributors
Stargazers
Watchers
Forkers
test1213145 vysecurity gavz dm2333 mrtaheramine voidp34r izogain johnjohnsp1 jbarcia theralfbrown caledoniaproject cparmn av1080p superuser5 shantanu561993 minkione limkokholefork c002 fuckup1337 wflk rajivraj scanfsec kernullist qsdj mgcfish w00t3k suriya73 c0dak listinvest m00zh33 dr1ipr pktlabs orf53975 slooppe attackgithub bxlcity preventions raystyle headburgh michaelrlovett vivesg sasqwatch vitty84 bigbrobro trumthiphi triplekill aarandomhacker niall-caffrey kg7qin fengjixuchui imulmul killvxk 1337g avi8892 afsinguven startagain2016 jenniexlisa ameg-yag pryon w4fz5uck5 strcpy3-zz rmccarth pixelza digitalarche red-infosec vanpersiexp timmytr1ll an4kein 5l1v3r1 leomatias rahmiy dannymas b1u3f331 imendax polling-repo-continua cjoan75 zha0 actorexpose l34rn wisdark certcube-range 30579096 sensi-1337 fdlucifer darkgryph91 0xmahmoudjo0 coolhand1 ddostest123 crimsonlabs-io jrandomsage ououover jabdy86 jimmysax 0xbishop cvlabsio kaydaskalakis anshumansrivastavagit donovoi shigophilo s33k3exchange-ad-privesc's Issues
Alt-Security-Identities patched
Hey,
I noticed that this ACE here in my lab environment:
ObjectDN : CN=AdminSDHolder,CN=System,DC=external,DC=local
InheritedObject : Computer
Object : Alt-Security-Identities
ActiveDirectoryRights : WriteProperty
InheritanceType : All
ObjectType : 00fbf30c-91fe-11d1-aebc-0000f80367c1
InheritedObjectType : bf967a86-0de6-11d0-a285-00aa003049e2
ObjectFlags : ObjectAceTypePresent, InheritedObjectAceTypePresent
AccessControlType : Deny
IdentityReference : EXTERNAL\Exchange Trusted Subsystem
IsInherited : False
InheritanceFlags : ContainerInherit
PropagationFlags : None
There is an identical ACE on the domain head object. So the attack is now limited to users which are not protected by AdminSDHolder.
I can't find any information from Microsoft regarding when/how they added that. The only thing I could find was this comment on reddit: https://www.reddit.com/r/exchangeserver/comments/m0bafh/exchange_2016_cu19_ad_permission_change/
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.