Posts by Michael Bruno
Gardening and Weeding Certificate Templates: Private Key Flags
Mismanagement of certificate templates is one of the lowest of the low-hanging fruits when it comes to ADCS threat vectors. Among other things, a misconfigured certificate template can lead to a threat actor obtaining a certificate which could be used for privilege escalation up to and including Enterprise Administrator! As you can imagine, it’s a…
Programmatically Determining Access Rights on Certificate Private Keys
There are times when the private key associated with a certificate needs to be accessible by multiple identities, not just the identity which owns the key material. An example is the deployment of the Microsoft Network Device Enrollment Services (NDES) role service on a server which needs to connect to a remotely hosted CA. In…