Forest Compromise Through AMA Abuse
Authentication Mechanism Assurance (AMA) is a useful feature to protect sensitive assets. However, it turns out it can be leveraged for nefarious purposes.
Tag: PKI
Manually injecting a SID in a certificate
With KB5014754, released on May 10, 2022, a CA injects the Security Identifier (SID) of accounts as a new extension in issued certificates. But what if we want to inject it manually?
Supply in the Request Shenanigans
Active Directory Certificate Services makes it easy to issue certificates for any organization. But is there something lurking beneath the surface?
Q&D Security 