Petitpotam Exploit POC

Share
TRUESEC
Published at : 01 Oct 2021
Subscribe to TRUESEC
4196 views
49
1

When PetitPotam is exploited and NTLM credentials are relayed to Active Directory Certificate Services, an attacker can obtain Domain Administrator privileges without any prior authentication to the domain.

- THIS PROOF OF CONCEPT IS FOR EDUCATIONAL/AWARENESS/RESEARCH PURPOSES ONLY -

Read the full blogpost here:
https://blog.truesec.com/2021/08/02/from-stranger-to-da-using-petitpotam-to-ntlm-relay-to-active-directory

By Ben Bidmead @TRUESEC

PetitpotamExploit
Foundation Cap | Home Renovation & Addition Part 8

Foundation Cap | Home Renovation & Addition Part 8

P Bank: A public toilet facility that offers a solution to the phosphorus scarcity

P Bank: A public toilet facility that offers a solution to the phosphorus scarcity

Everything About DETERMINATION in Deltarune Chapter 2

Everything About DETERMINATION in Deltarune Chapter 2

How to Slow Down Attacks to the Exact Same SECOND in Goodgame Empire

How to Slow Down Attacks to the Exact Same SECOND in Goodgame Empire

Podcast KARMAKE episood 7 I Kaijo Nurmsoo: "Miks suhted ebaõnnestuvad?"

Podcast KARMAKE episood 7 I Kaijo Nurmsoo: "Miks suhted ebaõnnestuvad?"

Pat McAfee & AJ Hawk Pick EVERY Week 6 NFL Game

Pat McAfee & AJ Hawk Pick EVERY Week 6 NFL Game

What is interfering with an Emergency Call

What is interfering with an Emergency Call

Array Based Families in Revit - What You NEED TO KNOW!

Array Based Families in Revit - What You NEED TO KNOW!

Terry Speed - Accept Complexity - the Pure & Simple Truth is Rarely Pure & Never Simple

Terry Speed - Accept Complexity - the Pure & Simple Truth is Rarely Pure & Never Simple

Τορτίγια γεμιστή με Αλλαντικά και Τυριά-Tortilla stuffed with Cold Cuts and Cheeses/Stella Love Cook

Τορτίγια γεμιστή με Αλλαντικά και Τυριά-Tortilla stuffed with Cold Cuts and Cheeses/Stella Love Cook

US TESTING CHINA'S RED LINE! US Nearly Doubled Military Personnel in Taiwan This Year.

US TESTING CHINA'S RED LINE! US Nearly Doubled Military Personnel in Taiwan This Year.

The Fantastic Karroo Theatrical Hotel

The Fantastic Karroo Theatrical Hotel

NEWS: Federal judge blocks COVID vaccine mandate for healthcare workers in USA

NEWS: Federal judge blocks COVID vaccine mandate for healthcare workers in USA

LOCKED IN POP IT PRISON FOR 24 HOURS || Rich VS Broke Jail! Pop It House By 123 GO! TRENDS

LOCKED IN POP IT PRISON FOR 24 HOURS || Rich VS Broke Jail! Pop It House By 123 GO! TRENDS

They really weren’t sure WHAT was occurring! Almost looked like it was ALIVE! SO weird

They really weren’t sure WHAT was occurring! Almost looked like it was ALIVE! SO weird

Are you a Classy/Chic or Soft girl ?🥂✨Aesthetic Quiz ✨

Are you a Classy/Chic or Soft girl ?🥂✨Aesthetic Quiz ✨

Rocket League, but the GOAL is the SIZE OF THE BALL

Rocket League, but the GOAL is the SIZE OF THE BALL

Can i fast with the intention of asking Allah for curing my uncle #DrMuhammadSalah #islamqa #fatwa

Can i fast with the intention of asking Allah for curing my uncle #DrMuhammadSalah #islamqa #fatwa

Jesus Says Stop Worrying And Come To Him With This Powerful Prayer For Protection From All Evil

Jesus Says Stop Worrying And Come To Him With This Powerful Prayer For Protection From All Evil

NEWS: These AIRLINES are now DITCHING MASKS onboard. Should others follow?

NEWS: These AIRLINES are now DITCHING MASKS onboard. Should others follow?

Giggs - Innocent (Official Video)

Giggs - Innocent (Official Video)

Fastball- The Way (with lyrics)

Fastball- The Way (with lyrics)

download GB WhatsApp versi terbaru 2021

download GB WhatsApp versi terbaru 2021

An entire life in just four months

An entire life in just four months

বাঘের মুখো মুখি সেনাপতি | Gopal Bhar | Double Gopal

বাঘের মুখো মুখি সেনাপতি | Gopal Bhar | Double Gopal

theSummer | Chillstep Selection #14

theSummer | Chillstep Selection #14

Countrywide (Tommy Emmanuel) - Tutorial (Part 1)

Countrywide (Tommy Emmanuel) - Tutorial (Part 1)

Dibujos de moda: Dibuja un figurín de mujer caminando

Dibujos de moda: Dibuja un figurín de mujer caminando

How many slippers did Golden Retriever bite🧐 Dog bites owner's toothbrush🤣 Funny dog

How many slippers did Golden Retriever bite🧐 Dog bites owner's toothbrush🤣 Funny dog

Cop Tries To Harass Black College Student But Gets Owned And Taught The Law

Cop Tries To Harass Black College Student But Gets Owned And Taught The Law

the incredibles the real move

the incredibles the real move

i used THE MOST INTIMIDATING PLAYERS ONLY and played a VERY CLOSE game.. MLB The Show 21

i used THE MOST INTIMIDATING PLAYERS ONLY and played a VERY CLOSE game.. MLB The Show 21

Accomplishing Zero Trust Security Using SDP

Accomplishing Zero Trust Security Using SDP

TUNEZJA SPECIAL [2/2] - NAJWIĘCEJ TARANTULI I SZOKUJĄCE ODKRYCIE 😳😱

TUNEZJA SPECIAL [2/2] - NAJWIĘCEJ TARANTULI I SZOKUJĄCE ODKRYCIE 😳😱

Trailer - Smile made an expensive surprise for Diana! What is he hoping for!

Trailer - Smile made an expensive surprise for Diana! What is he hoping for!

How to Pronounce Often | Is the T Silent in Often? | Is it correct to pronounce the T in Often?

How to Pronounce Often | Is the T Silent in Often? | Is it correct to pronounce the T in Often?

FNF Reacts To "STRESS" but Every Turn Another Character Sing It - Friday Night Funkin Animation

FNF Reacts To "STRESS" but Every Turn Another Character Sing It - Friday Night Funkin Animation

The BEST Things You’ll Buy in Disney World

The BEST Things You’ll Buy in Disney World

Fiction and abstractions can be metatruth as opposed to non fiction | Jordan Peterson

Fiction and abstractions can be metatruth as opposed to non fiction | Jordan Peterson

Immediate justice on French motorway

Immediate justice on French motorway

Earn $91 Per HOUR By Just Watching Videos (Make Money Online)

Earn $91 Per HOUR By Just Watching Videos (Make Money Online)

Making use of Hall Effect devices #095

Making use of Hall Effect devices #095

Используй эти 5 Хитростей и Похудеешь в 2 раза Быстрее

Используй эти 5 Хитростей и Похудеешь в 2 раза Быстрее

Don't date these types of women, they'll make you miserable

Don't date these types of women, they'll make you miserable

I went NUTTY in RANKED! - Rainbow Six Siege

I went NUTTY in RANKED! - Rainbow Six Siege

First Time Hearing Weird Al Yankovic - Tacky Reaction

First Time Hearing Weird Al Yankovic - Tacky Reaction

study with me as a 3rd year tourism student at Lyceum

study with me as a 3rd year tourism student at Lyceum

Travel Vlog | Packing, Visiting Cape Town, Apartment Tour, Shop with Me, New Relaxer & Girl Talks

Travel Vlog | Packing, Visiting Cape Town, Apartment Tour, Shop with Me, New Relaxer & Girl Talks

How to enable Cortana in Greece ~ Πως να κάνετε τη Κορτάνα να δουλέψει!

How to enable Cortana in Greece ~ Πως να κάνετε τη Κορτάνα να δουλέψει!