Certify
Certify copied to clipboard
GhostPack
Active Directory certificate abuse.
See https://github.com/GhostPack/Certify/pull/8#issuecomment-1166334891
Unable to build Certify - This project references NuGet package(s) that are missing on this computer
Hello, Let me start off stating that I am far from a Visual Studio expert but I have successfully built projects before, including Rubeus. I have installed Visual Studio 2019...
Hi, Probably you already aware about problems related to running certify in non domain machine. Even if I tried different test cases (runas, netonly, ptt, cmd over pth) each time...
The latest commit (on Visual Studio 2019) introduces a bug for the 7th check, specifically CS8629. A quick check to make sure it isn't null fixes it. Figured I'd send...
Two new commands have been added in order to replicate PSPKI functionalities to perform the ESC7 attack: - setconfig: It allows to abuse ManageCA permission to both enable EDITF_ATTRIBUTESUBJECTALTNAME2 and...
Seems to be issues handling CA-NAME with spaces included. The graves accent nor quotations resolve the issue
Hi. To prevent the trouble of converting pem output with `openssl`, I added the functionality to output pfx in Base64 format to the `request` command. The added options are following:...
Hi. Thank you very much for your effort that went into all this research! I am trying to abuse ESC6 from a non domain-joined machine. I am aware of the...
As discussed on BH slack: Compiled Certify on Win10 2004 with VS2019. Executed via Cobalt Strike's execute-assembly on Windows Server 2012R2. `Certify.exe find /vulnerable` appeared to work fine. `Certify.exe request...
Hi, I was trying out some requests and an exception is returned during execution. Compiled on Windows Server 2022 with VS2019. `.\Certify.exe find /vulnerable` or `.\Certify.exe find /clientauth` works fine....
