I am writing about that PKI stuff again. I am running out of ideas for catchy introductions. So, here is a new post with old code! In Active Directory a UPN is mapped to a user automatically if it matches a user’s LDAP attribute userPrincipalName (and a DNS SAN is mapped to dnsHostName). A Windows…
Tag: Public Key Infrastructure
The RSA Algorithm
You want this: Encrypt a message to somebody else – using information that is publicly available. Somebody else should then be able to decrypt the message, using only information they have; nobody else should be able to read this information. The public key cryptography algorithm RSA does achieve this. This article is my way of…
Impersonating a Windows Enterprise Admin with a Certificate: Kerberos PKINIT from Linux
This is about a serious misconfiguration of a Windows Public Key Infrastructure integrated with Active Directory: If you can edit certificate templates, you can impersonate the Active Directory Forests’s Enterprise Administrator by logging on with a client certificate. You have a persistent credential that will also survive the reset of this admin’s password. In the…
Sizzle @ hackthebox – Unintended: Getting a Logon Smartcard for the Domain Admin!
My writeup – how to pwn my favorite box on hackthebox.eu, using a (supposedly) unintended path. Sizzle – created by @mrb3n813 and @lkys37en – was the first box on HTB that had my favorite Windows Server Role – the Windows Public Key Infrastructure / Certification Authority. This CA allows a low-privileged user – amanda –…
Certificates and PKI. The Prequel.
Some public key infrastructures run quietly in the background since years. They are half forgotten until the life of a signed file has come to an end – but then everything is on fire. In contrast to other seemingly important deadlines (Management needs this until XY or the world will come to an end!) this…
Bots, Like This! I am an Ardent Fan of HTTPS and Certificates!
This is an experiment in Machine Learning, Big Data, Artificial Intelligence, whatever. But I need proper digression first. Last autumn, I turned my back on social media and went offline for a few days. There, in that magical place, the real world was offline as well. A history of physics museum had to be opened,…
Network Sniffing for Everyone – Getting to Know Your Things (As in Internet of Things)
Simple Sniffing without Hubs or Port Mirroring for the Curious Windows User [Jump to instructions and skip intro] Your science-fiction-style new refrigerator might go online to download the latest offers or order more pizza after checking your calendar and noticing that you have to finish a nerdy project soon. It may depend on your geekiness…
Automatic Mapping of Logon Certificates to Users in Active Directory
This post has originally been published to my other / ‘archive’ website in 2014, first as a PDF, later converted to a HTML article. I am publishing it here on my WordPress blog in April 2022, using its original publication date – as it predates most of the other articles in my PKI UPN AD…
Diffusion of iTechnology in Corporations (or: Certificates for iPhones)
[Jump to technical stuff] Some clichés are true. One I found confirmed often is about how technologies are adopted within organizations: One manager meets another manager at a conference / business meeting / CIO event. Manager X show off the latest gadget and/or brags about presents a case-study of successful implementation of Y. Another manager…
The Strange World of Public Key Infrastructure and Certificates
An e-mail discussion related to my recent post on IT security has motivated me to ponder about issues with Public Key Infrastructure once more. So I attempt – most likely in vain – to merge a pop-sci introduction to certificates with sort of an attachment to said e-mail discussion. So this post might be opaque…
What I Never Wanted to Know about Security but Found Extremely Entertaining to Read
This is in praise of Peter Gutmann‘s book draft Engineering Security, and the title is inspired by his talk Everything You Never Wanted to Know about PKI but were Forced to Find Out. Chances are high that any non-geek reader is already intimidated by the acronym PKI – sharing the links above on LinkedIn I have been…
On Science Communication
In a parallel universe I might work as a science communicator. Having completed my PhD in applied physics I wrote a bunch of job applications, one of them being a bit eccentric: I applied at the Austrian national public service broadcaster. (According to Wikipedia Austria was the last country in continental Europe after Albania to…
Trading in IT Security for Heat Pumps? Seriously?
Astute analysts of science, technology and the world at large noticed that my resume reads like a character from The Big Bang Theory. After all, an important tag used with this blog is cliché, and I am dead serious about theory and practice of combining literally anything. [Edit in 2016: At the time of writing this post,…
elkemental Force 