Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2014-6324

Description

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."

POC

Reference

No PoCs from references.

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Al1ex/WindowsElevation

- https://github.com/Ascotbe/Kernelhub

- https://github.com/CaledoniaProject/kekeo-with-asn-vs2013

- https://github.com/Cruxer8Mech/Idk

- https://github.com/ErdemOzgen/ActiveDirectoryAttacks

- https://github.com/JFR-C/Boot2root-CTFs-Writeups

- https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups

- https://github.com/Nieuport/Active-Directory-Kill-Chain-Attack-Defense

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/R0B1NL1N/AD-Attack-Defense

- https://github.com/T0mcat3r/ALinks

- https://github.com/Whiteh4tWolf/Attack-Defense

- https://github.com/ZyberPatrol/Active-Directory

- https://github.com/aymankhder/AD-attack-defense

- https://github.com/bhataasim1/AD-Attack-Defence

- https://github.com/bigbael/as-rep-roast

- https://github.com/dark-vex/CVE-PoC-collection

- https://github.com/enderphan94/HackingCountermeasure

- https://github.com/fei9747/WindowsElevation

- https://github.com/geeksniper/active-directory-pentest

- https://github.com/hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-

- https://github.com/infosecn1nja/AD-Attack-Defense

- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups

- https://github.com/metaDNA/hackingteamhack

- https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense

- https://github.com/mubix/pykek

- https://github.com/mxdelta/DOMAIN

- https://github.com/mxdelta/Up_Privel_windows

- https://github.com/mynameisv/MMSBGA

- https://github.com/nadeemali79/AD-Attack-Defense

- https://github.com/nitishbadole/oscp-note-2

- https://github.com/paramint/AD-Attack-Defense

- https://github.com/pwnlog/ALinks

- https://github.com/pwnlog/PAD

- https://github.com/pwnlog/PuroAD

- https://github.com/pwnlog/PurpAD

- https://github.com/retr0-13/AD-Attack-Defense

- https://github.com/rmsbpro/rmsbpro

- https://github.com/sunzu94/AD-Attack-Defense

- https://github.com/tataev/Security

- https://github.com/tempiltin/active-directory_pentest

- https://github.com/todo1024/2041

- https://github.com/todo1024/2102

- https://github.com/ycdxsb/WindowsPrivilegeEscalation