Comments for Ethical Chaos https://ethicalchaos.dev/ Personal InfoSec development blog Thu, 03 Feb 2022 04:09:00 +0000

Comment on Attacking Smart Card Based Active Directory Networks by Certified Pre-Owned - Malware https://ethicalchaos.dev/2020/10/04/attacking-smart-card-based-active-directory-networks/#comment-620 Thu, 03 Feb 2022 04:09:00 +0000 https://ethicalchaos.dev/?p=244#comment-620 […] a PR to Rubeus to implement PKINIT abuse, and covers more details on this in depth in their post on attacking smart card based Active Directory networks. This was a missing link for us offensively, and means that we can now use Rubeus to request a […]

Comment on Attacking Smart Card Based Active Directory Networks by Certify – Active Directory Certificate Abuse - Latest Hacking News Today - HakTechs https://ethicalchaos.dev/2020/10/04/attacking-smart-card-based-active-directory-networks/#comment-611 Fri, 01 Oct 2021 15:10:04 +0000 https://ethicalchaos.dev/?p=244#comment-611 […] Coburn released an excellent post in 2020 on “Attacking Smart Card Based Active Directory Networks” detailing some smart card abuse and Certify […]

Comment on Lets Create An EDR… And Bypass It! Part 1 by Dynamic Invocation in .NET to bypass hooks – NVISO Labs https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/#comment-88 Fri, 20 Nov 2020 08:45:54 +0000 https://ethicalchaos.dev/?p=111#comment-88 […] function call pass and normal execution of the program will be achieved. @CCob posted a very nice blog post series about this concept, and how to bypass the hooks. A good EDR will “hook” in the lowest […]

Comment on Lets Create An EDR… And Bypass It! Part 1 by Attacking Smart Card Based Active Directory Networks - Ethical Chaos https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/#comment-25 Sun, 04 Oct 2020 19:31:59 +0000 https://ethicalchaos.dev/?p=111#comment-25 […] to produce a reliable hook to capture a PIN transmitted to the card. I covered API hooking in my EDR series of blog posts, so the methods used here are the same. Here is the implementation of the hooked […]

Comment on Lets Create An EDR… And Bypass It! Part 2 by Lets Create An EDR… And Bypass It! Part 2 – Ethical Chaos – Library 8: Operazione Dyn-O-Mite! https://ethicalchaos.dev/2020/06/14/lets-create-an-edr-and-bypass-it-part-2/#comment-12 Sun, 14 Jun 2020 11:57:11 +0000 https://ethicalchaos.dev/?p=192#comment-12 […] https://ethicalchaos.dev/2020/06/14/lets-create-an-edr-and-bypass-it-part-2/ […]

Comment on Lets Create An EDR… And Bypass It! Part 1 by Lets Create An EDR… And Bypass It! Part 2 - Ethical Chaos https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/#comment-11 Sun, 14 Jun 2020 10:47:11 +0000 https://ethicalchaos.dev/?p=111#comment-11 […] by hooking the VirtualProtect API and monitoring for the RWX memory protection flags. Check out part 1 of this series for a more detailed description on how this was […]
