Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed PR for Authorized Signature Modification #11

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Fixed PR for Authorized Signature Modification #11

wants to merge 3 commits into from

Conversation

b1gbroth3r
Copy link

@FuzzySecurity here's the fixed PR, feel free to delete the original monstrosity I posted
Confirming authorized signatures are required:

C:\temp>StandIn.exe --adcs --filter HomelabTemplate

[+] Search Base  : LDAP://CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=EVILCORP,DC=local

[>] Certificate Authority  : EVILCORP-ADCS-CA
    |_ DNS Hostname        : ADCS.EVILCORP.local
    |_ Cert DN             : CN=EVILCORP-ADCS-CA, DC=EVILCORP, DC=local
    |_ GUID                : b871e353-bd19-4bb1-b9a3-12114defce9e
    |_ Published Templates : HomelabTemplate
                             SmartcardLogon
                             DirectoryEmailReplication
                             DomainControllerAuthentication
                             KerberosAuthentication
                             EFSRecovery
                             EFS
                             DomainController
                             WebServer
                             Machine
                             User
                             SubCA
                             Administrator

[>] Publishing CA          : EVILCORP-ADCS-CA
    |_ Template            : HomelabTemplate
    |_ Signatures          : 1

Removing the signature requirement

C:\temp>StandIn.exe --adcs --filter HomelabTemplate --signature --remove 

[+] Search Base  : LDAP://CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=EVILCORP,DC=local

[>] Publishing CA          : EVILCORP-ADCS-CA
    |_ Template            : HomelabTemplate
    |_ Enroll Flags        : PUBLISH_TO_DS, AUTO_ENROLLMENT
    |_ Name Flags          : SUBJECT_ALT_REQUIRE_UPN, SUBJECT_REQUIRE_DIRECTORY_PATH
    |_ pKIExtendedKeyUsage : Smart Card Logon
    |                        Client Authentication
    |_ Created             : 12/4/2021 2:08:32 AM
    |_ Modified            : 12/6/2021 2:36:30 AM

[+] Removing msPKI-RA-Signature Flag..
    |_ Success

Confirmation the operation was successful:

C:\temp>StandIn.exe --adcs --filter HomelabTemplate

[+] Search Base  : LDAP://CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=EVILCORP,DC=local

[>] Certificate Authority  : EVILCORP-ADCS-CA
    |_ DNS Hostname        : ADCS.EVILCORP.local
    |_ Cert DN             : CN=EVILCORP-ADCS-CA, DC=EVILCORP, DC=local
    |_ GUID                : b871e353-bd19-4bb1-b9a3-12114defce9e
    |_ Published Templates : HomelabTemplate
                             SmartcardLogon
                             DirectoryEmailReplication
                             DomainControllerAuthentication
                             KerberosAuthentication
                             EFSRecovery
                             EFS
                             DomainController
                             WebServer
                             Machine
                             User
                             SubCA
                             Administrator

[>] Publishing CA          : EVILCORP-ADCS-CA
    |_ Template            : HomelabTemplate
    |_ Signatures          : 0

funnybananas
funnybananas suggested changes Feb 18, 2022
View reviewed changes
Copy link

@funnybananas funnybananas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Request line 4474 gets changed (comment added) before merging.

StandIn/StandIn/Program.cs Outdated Show resolved Hide resolved
@b1gbroth3r @funnybananas
Update StandIn/StandIn/Program.cs
1c7a10c 
Co-authored-by: funnybananas <83034180+funnybananas@users.noreply.github.com>
@b1gbroth3r
Copy link
Author

Thanks again for writing such an awesome tool!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@funnybananas funnybananas funnybananas requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@b1gbroth3r @funnybananas