CVE-2022-26923

This repository contains a vulnerability scanner for detecting common Active Directory vulnerabilities, including CVE-2022-26923 (ADCS relay attacks). The code includes modules for interacting with ADCS (Active Directory Certificate Services) and other AD-related services.

This PoC demonstrates privilege escalation in Active Directory Certificate Services (AD CS) by manipulating the DnsHostName attribute to obtain a certificate, leading to domain administrator privileges. It uses Certipy and Impacket to exploit CVE-2022-26923.

This PoC demonstrates privilege escalation via CVE-2022-26923 by exploiting misconfigured Active Directory Certificate Services (AD CS) templates. It loads Certify and Rubeus in memory to request a certificate for an administrative user, convert it to .pfx, and generate a Kerberos ticket for privilege escalation.

This repository is a writeup for CVE-2022-26923, detailing the exploitation of a vulnerability in Active Directory Certificate Services. It includes references to external resources and explanations but does not contain exploit code.

This repository provides a proof-of-concept exploit for CVE-2022-26923, a privilege escalation vulnerability in Active Directory Certificate Services (AD CS). It includes a script to set up the environment and detailed steps to exploit the vulnerability, resulting in domain administrator privileges.

This repository contains a functional exploit script for CVE-2022-26923 (Certifried), which automates privilege escalation in Active Directory environments by abusing AD CS. It includes two methods: direct PKINIT hash extraction and a fallback using RBCD + S4U for NTLM hash dumping.

This repository provides a detailed technical analysis of CVE-2022-26923, a privilege escalation vulnerability in Active Directory Certificate Services (AD CS). It explains the core mechanics, including computer account manipulation, SPN modification, and certificate enrollment to achieve Domain Admin privileges.

This repository contains a functional exploit script for CVE-2022-26923 (Certifried), which abuses Active Directory Certificate Services to escalate privileges. The script automates the creation of a machine account, requests a certificate, and performs RBCD attacks to gain administrative access.

This repository provides a detailed guide on exploiting CVE-2022-26923, a privilege escalation vulnerability in Active Directory Certificate Services (AD CS). It includes steps for setting up virtual machines, configuring networks, and executing the exploit using tools like Impacket and Certipy.

This repository provides a detailed writeup on CVE-2022-26923, a privilege escalation vulnerability in Microsoft Active Directory Certificate Services (AD CS). It explains how an attacker can exploit the Machine template to impersonate a Domain Controller by modifying the DNS Name of a newly enrolled host.

This Metasploit module exploits CVE-2022-26923 (Certifried) to escalate privileges in Active Directory Certificate Services (ADCS) by impersonating a Domain Controller account, requesting a certificate, and authenticating via PKINIT to obtain a TGT and TGS for privileged access.