Alexander Neff
Alex is a Security Consultant at DigiTrace GmbH.
Since 2022 he regularly conducts penetration tests with a focus on internal infrastructure and Active Directory, while finishing his studies in the IT Security field.
With a passion for open source he maintains several open source projects, including NetExec, wsuks and EVENmonitor.
Session
The Active Directory Certificate Service (ADCS) has been studied extensively, which lead to an entire category of privilege escalation techniques: the ESC attacks.
We combined known research about attacks on ADCS and the Windows Server Update Service (WSUS) to compromise Windows machines in supposedly "secure" environments.
As this technique can be generalized, we decided to introduce the new escalation number ESC17.