Microsoft has revealed the secure golden key system

On the 9th of August 2016, Microsoft revealed by accident the secure golden key system that is supposed to be used as a UEFI backdoor: with that key, it is now possible to unlock all Windows devices such…

Calculate Kerberos token size

The authentication protocol within a Microsoft infrastructure since the Windows 2000 time frame has been Kerberos. The Kerberos token leverages a predefined buffer to house authorization requests. This predefined Kerberos buffer size is set by the MaxTokenSize setting found in…

Understand the privilege relationships in an Active Directory environment

A new version of BloodHound (1.3.0) is already available on GitHub. BloodHound is a single-page JavaScript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound uses graph…

Password complexity checker

If you have enabled password complexity in your domain group policy (see below), users will probably have some trouble finding a password that meets these requirements. The complexity requirements are explained in the “Explain” tab of the…

Get the regional settings with PowerShell

Sometimes, it can be useful to get some information through the command line instead of using the GUI. This is the case for the regional settings. If you want to compare the regional settings between two user accounts, you can both…

APT 407 error with proxy configuration

Description: I got this error message when running the command apt-get update:

Context: I have added a new source list to update my Grafana: deb https://packagecloud.io/grafana/stable/debian/ wheezy main I’m using the config file /etc/apt/apt.conf to install/update packages through a proxy. This file looks…

Pentest tool for Active Directory

Description: CrackMapExec is a one-stop-shop for pentesting Windows/Active Directory environments. From enumerating logged-on users and spidering SMB shares to executing psexec-style attacks, auto-injecting Mimikatz/Shellcode/DLLs into memory using PowerShell, dumping the NTDS.dit and more! Features: Pure Python script, no…

Local Security Authority cannot be contacted

Symptom: While connecting to a Windows Server 2012 host using RDP, you might notice the following error:

Cause: This is probably due to the cached account on the server. It seems to happen more on Windows Server 2012. If you have…

Check and update your GPOs for MS16-072

Description: Due to the MS16-072 update, you will have to check and update your GPO permissions. Why: The following article describes very well why this update has changed our policy processing: After MS16-072 is installed, user group policies are…

Update computer group membership without a reboot

A very useful tip found on the internet: how to update a computer group membership without a reboot? Problem: If, like me, you use Group Policies and apply them to computer accounts using security groups, you notice these GPOs…