Carl Sörqvist

Forest Compromise Through AMA Abuse

Authentication Mechanism Assurance (AMA) is a useful feature to protect sensitive assets. However, it turns out it can be leveraged for nefarious purposes.

May 27, 2022 Kerberos / PKI

Manually injecting a SID in a certificate

With KB5014754, released on May 10, 2022, a CA injects the Security Identifier (SID) of accounts as a new extension in issued certificates. But what if we want to inject it manually?

May 29, 2021 Certificates / Kerberos / Remote Desktop

Remote Desktop, MFA, Network Level Authentication and KDC Proxy

Introduction Recently I was presented with a challenge at one of my customers. We were setting up a new, completely

September 4, 2020 Active Directory Certificate Services / Certificates / PKI / Technology

Supply in the Request Shenanigans

Active Directory Certificate Services makes it easy to issue certificates for any organization. But is there something lurking beneath the surface?

August 12, 2020 Active Directory Federation Services / Technology

Bypassing WIA on ADFS

AD FS Single Sign-On is a wonderful feature for your users, as they don’t have to log on manually after logging on to their computer. But what if you need to provide Forms-Based Authentication for some clients or users?