I am stuck on the last exercise of the skills assessment. DEV01 has been compromised and the password of jimmy’s account too. But, I am not able to compromise DC01.
With this new credentials I found that this user belongs to a group that “has dangerous permissions”. But I am not able to execute the commands from the Linux machine.
Try using the -debug option and see what your Certipy command line really does. Especially, where your certificate request is going.
Your answer to “why is the command not working ?” is the -debug output In case of ADCS attacks, because you perform complex chains that involve authentication to a service with different templates and multiple targets, you should always ask yourself "Where is my target CA ? Does this template gather all prerequisites ? Do I have the right permissions to exploit this template ?
In short : you should check where you’re trying to request the certificates
Hello, does anyone know how to get the jimmy user password in the ADCS module skill assessment? I used hashcat to burst without results, can you give me some tips
Hi, I also have obtained the jimmy credentials and requested for administrator certificate. But, when I try to issue the request, I am getting the:
[-] Got access denied trying to issue certificate