Manual Exploitation of AD CS ESC15 Vulnerability Discussed
/ 1 min read
🛠️ Manual Exploitation of AD CS ESC15 Vulnerability Explored. This blog post details the manual exploitation of an Active Directory Certificate Services (AD CS) ESC15 vulnerability when a Domain User has enrollment rights for a Webserver template. The author faced challenges, including the invisibility of the template in the Windows Certificate Enrollment wizard and firewall restrictions on the AD CS RPC endpoint. To exploit the vulnerability, the author created a certificate request using the Windows certreq binary, requiring a properly configured INF file. The post acknowledges contributions from various individuals and highlights the collaborative effort in addressing the vulnerability. For those interested, the article provides insights into the exploitation process and the necessary steps involved.
