I'm currently working on unraveling the Active Directory Integrated DNS vulns reported by Dirk-jan Mollema, CVE-2020-0761 and CVE-2020-0718 (and the likely related CVE-2020-0856 found internally at MS) and oof are there a lot of layers involved here.

Dirk-jan mentioned he plans on doing a blog post on it at some point, but it's always fun to have it figured out before the details are public 😀

Grrrrrrr I am so close to triggering one of these vulns but for my own health I need to call it a day.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.