
Kevin Robertson

Kevin Robertson holds a BS in Computing Security and Technology from Drexel University. Kevin has spent 20 years in IT, with the last 5 years focused on penetration testing and tool development.

More By Kevin Robertson

Network Pentesting

MachineAccountQuota Transitive Quota: 110 Accounts and Beyond

Active Directory (AD) tracks transitive accounts created through MAQ to limit the number of accounts that can be added from a single unprivileged source account. AD calculates the maximum using a formula of Q * (Q + 1), where Q is the current MAQ setting. The default MAQ setting of 10 results in a limit of 110 permitted transitive accounts. However, the transitive quota can often be exceeded by large amounts.

Network Pentesting

MachineAccountQuota is USEFUL Sometimes: Exploiting One of Active Directory's Oddest Settings

MachineAccountQuota (MAQ) is a domain-level attribute that by default permits unprivileged users to attach up to 10 computers to an Active Directory (AD) domain.

Network Pentesting

ADIDNS Revisited – WPAD, GQBL, and More

This post will mainly cover some additional techniques on both the offensive and defensive fronts for exploiting Active Directory-Integrated DNS (ADIDNS).

Network Pentesting

Inveigh – What's New in Version 1.4

New Inveigh release! This blog details all the new features.

Network Pentesting

Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS

Exploiting weaknesses in name resolution protocols is a common technique for performing man-in-the-middle (MITM) attacks. This blog dives into two particularly vulnerable name resolution protocols: Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBNS).
