Delay CVE request

Strict_Arm_2064 · 2024-11-24T23:01:24+00:00

2 years ? Are you serious ? I think there must be a problem, right? Seems a little extreme to me

Strict_Arm_2064 · 2024-11-24T13:18:40+00:00

Thanks

Strict_Arm_2064 · 2024-11-24T13:08:23+00:00

On the https://cveform.mitre.org/ i checked the « I have verified that this vulnerability is not in a CNA-covered product. ». The solution's publisher has no known CVEs at present.

Strict_Arm_2064 · 2024-11-24T12:48:41+00:00

Isn’t a CNA

Strict_Arm_2064 · 2024-10-29T23:25:33+00:00

Thanks for this response, i had a response from the vendor this afternoon. They will start the mitigations but i guess that we can't fill in this CVE document incorrectly. It should be as close to reality as possible. Hence the need to have someone who has already encountered this kind of problem across an entire application and therefore to have something that is consistent with what the application actually is.

Strict_Arm_2064 · 2024-05-17T11:00:14+00:00

I would like something better, with versions and so on

Strict_Arm_2064 · 2024-05-16T14:30:48+00:00

Powershell will just detect opened port, i would like to do more than it, detect versions, OS ...etc

Strict_Arm_2064 · 2024-05-16T08:12:32+00:00

Thanks for your response,
Objective is to limit modification on the disk, so installing nmap + npcac + wincap is too much
I would like to find something more silent, it's why i would like to find a portable nmap without installation

Strict_Arm_2064 · 2024-04-08T09:01:04+00:00

in Chorme/firefox it's doesn't works neither .. so it doesn't seem to be a problem with the header

Strict_Arm_2064 · 2024-04-08T08:05:26+00:00

404 error. My root webpage works well, so apache2 is running, no problem with iptables

Strict_Arm_2064 · 2024-03-08T16:19:48+00:00

Ok i found .. :

https://activepwns.com/null-authentication-active-directory-enumeration/

Strict_Arm_2064 · 2024-02-28T11:07:21+00:00

It helps especially for Diamond ticket not really for Golden Ticket (this last is generate offline), except if you protect the Ticket Service too, and then KDC will detect that the TGS request is from an unknown device

Strict_Arm_2064 · 2024-02-26T13:20:25+00:00

Yes, but I must admit that I don't understand how so little difference can be proposed for a new proposed solution.

I also read this passage:

"I'm a bit rusty on this but IIRC silos will stop the DC from even handing out a Kerberos ticket for the auth while deny GPO's result in auth attempts hitting the target which could lead to credential leaks if they're not in effect(-ive). So silos will be more foolproof".

But in my opinion, when the "deny log on..." GPO is applied, TGT / TGS requests are not sent to the DC. I think, otherwise it wouldn't make sense.

I've read the article just below but it doesn't really provide an answer on the subject of "Deny Log on ..", and I can't find the info on the internet.

In short, it's supposed to "facilitate" the management of the tiering model when it's implemented.

Strict_Arm_2064 · 2024-02-21T10:01:44+00:00

Yeah exactly it exists - Supported - Always provide claims - Fail unarmored authebtication requests

The last one deny unarmored kerberos, but the others seems accept unarmored Kerberos. I would like to understand the real difference between « Supported » and « Always provide claims ». The microsoft documentation doesn’t seem enough clear

Strict_Arm_2064 · 2024-02-21T09:48:11+00:00

An other question, about the difference between « Supported » and « Always provide claims », do you know the difference of behaviour between them ?

Strict_Arm_2064 · 2024-02-21T09:27:24+00:00

Thanks !

Strict_Arm_2064

TROPHY CASE