Privilege Escalation

DSInternals is vulnerable to privilege escalation. The vulnerability exists in the save function of RoamedCredential.cs because invalid characters are not properly parsed in windows roaming credential service which allows an attacker to write files on the file system with elevate privileges...

DSInternals Credential Roaming Elevation of Privilege Vulnerability

Impact A vulnerability exists in the DSInternals.Common.Data.RoamedCredential.Save method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this functi...

GHSA-VX2X-9CFF-FHJW DSInternals Credential Roaming Elevation of Privilege Vulnerability

Impact A vulnerability exists in the DSInternals.Common.Data.RoamedCredential.Save method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this functi...

PT-2022-5620 · Microsoft · Windows Server +1

Name of the Vulnerable Software and Affected Versions: Windows Credential Roaming Service versions prior to 4.8 microsoft windows server 2008 r2, - microsoft windows server 2012 r2, - microsoft windows 10 1607, 1809, 21h1, -, 21h2, 20h2 microsoft windows 8.1 - microsoft windows server 2016 -...

Lil-Pwny - Auditing Active Directory Passwords Using Multiprocessing In Python

A multiprocessing approach to auditing Active Directory passwords using Python. About Lil Pwny Lil Pwny is a Python application to perform an offline audit of NTLM hashes of users' passwords, recovered from Active Directory, against known compromised passwords from Have I Been Pwned. The username...