GitHub - cube0x0/noPac: CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
source link: https://github.com/cube0x0/noPac
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. Yet another low effort domain user to domain admin exploit.
If a Domain Controller is vulnerable it will return a TGT without a PAC, all eyes on small size tickets.
Mitigation
Patch your Domain Controllers!
Credits
Charlie Clark for his Rubeus fork and Kevin Robertson for SharpMad
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK