Active Directory Archives - Corelan | Exploit Development & Vulnerability Research

Reversing 101 – Solving a protection scheme

In this post, we'll look at an application reversing challenge from HTS (hackthissite.org) resembling a real-life protection scheme. Put simple, the program creates a key for your username, and compares it to the one you enter. The goal of the HTS challenge is to create a key generator, but I just want to demonstrate how to retrieve the password. Read more

Exchange 2010 Certificates

In an older blog post on Certificate Authorities, I have provided some information about the process to generate Exchange 2007 certificates. This process has slightly changed in Exchange 2010, and Johan Delimon (pro-exchange.be) has written an excellent article Read more

Juniper : Netscreen Remote Dial-UP VPN with AD Radius Authentication and route based VPN / tunnel interface

The following procedure explains how to set up a Juniper ScreenOS based firewall to accept Netscreen Remote Client VPN connections and authenticate users using Active Directory (Radius via Windows 2003 IAS or Windows 2008 NPS).

We’ll assume that all Read more

Windows XP L2TP over IPSec dialup client VPN to a Juniper ScreenOS firewall, using Certificates

Before looking at the various configuration steps, we’ll have to take the following assumptions into account :

– We don’t want to use the Netscreen Remote client, but we want to use the Windows XP built-in dialup VPN technology Read more

Juniper ScreenOS Admin authentication using Windows based IAS (Radius)

On popular request, this is a quick write-up on how to set up a Juniper screenOS firewall to use an external Radius server (I’ll use Windows IAS) to authenticate administrators and to let the Radius server to assign admin Read more

Free tool – PVE TCP Ping Utility – v1.0.0.1

I wanted to share a small utility that I wrote a while ago, allowing you to run a non-interactive ‘ping’ to a tcp port (e.g. from within a script).

This could for example allow you to bring up a Read more

Merging & Syncing multiple Active Directory databases into one ADAM instance

Keywords : ldap authentication multiple domains combine adam adamsync adschemaanalyzer ldap proxy chain ldifde MS-ADAMSyncconf.xml MS-AdamSyncMetadata.ldf MS-ADAMSchemaW2K3.ldf Object Violation Naming Violation Ldap error occured. ldap_add_sW: Object Class Violation.

Case definition :

2 AD domains, containing user accounts. One of Read more

Securing Windows Server 2008 and Active Directory

According to Microsoft, Windows Server 2008 is the most secure Windows server version ever.

Windows 2008 does include many features that will help increase overall security of the OS, or assist you with securing AD, the network, etc. Most Read more

Free tool – PVE Active Directory Disable Users

Every admin knows by now that using Active Directory as the central authentication database allows for a lot of possibilities in terms of user account and security management. Keeping internal as well as external users in one and the Read more

Using Active Directory and IAS based Radius for Netscreen WebAuth authentication

As most of the bigger players in the firewall market, Juniper/Netscreen SreenOS based firewalls allow you to use/enforce/require authentication for various reasons :

Admin login
Client VPN
Authentication to open a specific rule on the firewall

In a default Read more

Posts:

Case definition :