Skip to content
/ PassTheCert Public
forked from AlmondOffSec/PassTheCert

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

License

Apache-2.0 license
1 star 64 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

WilliamTaack/PassTheCert

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

C#

C#

 
 

Python

Python

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

PassTheCert

Sometimes, Domain Controllers do not support PKINIT. This can be because their certificates do not have the Smart Card Logon EKU. However, several protocols, including LDAP, support Schannel, thus authentication through TLS. We created a small Proof-of-Concept tool that allows authenticating against an LDAP/S server with a certificate to perform different attack actions.

More information in the accompanying blog post.

This repository contains a C# version, by the-useless-one, and a Python version, by ThePirateWhoSmellsOfSunflowers / drm (@lowercase_drm)

About

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C# 52.3%
  • Python 47.7%