Back to directory

WRITEUP #1082

Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust

CloudAzure ADKerberosPrivilege escalation

by@_dirkjan(Dirk-jan Mollema)

Program

-

Published

Jun 13, 2023

Added to HackDex

Jun 13, 2023

Read Full Writeuphttps://dirkjanm.io/obtaining-domain-admin-from-azure-ad-via-cloud-kerberos-trust/

▸ RELATED WRITEUPS

Addressed AWS defaults risks: OIDC, Terraform and Anonymous to AdministratorAccess

Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD

CloudPrivilege escalation

UnOAuthorized: Privilege Elevation Through Microsoft Applications

CloudPrivilege escalation

Escalating Privileges in Google Cloud via Open Groups

CloudPrivilege escalation

ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions

CloudPrivilege escalation

Built with ❤️ by Shubham Rawat