ESC 4 - Separate the -save-old functionality with the write vulnerable properties functionality. #181

Open
NocteDefensor opened this issue Nov 14, 2023 · 0 comments

@NocteDefensor

Currently, when exploiting ESC 4, this tool will attempt to save the original template as a JSON file and then rewrite the template to make it vulnerable to various ESC techniques. It may be possible that the original template is either corrupted during the save process or not saved, i.e., running this tool from within a directory the user does not have write access to. In this situation, the original template may be changed to a vulnerable state without a valid JSON file to revert from. The tool user does not have the ability to inspect the JSON file to determine validity prior to making changes to the original template.
It would be nice to separate the functionality required to save the old template from the functionality to write the vulnerable properties to the original template.
Perhaps something like "-save-old" to save the template and "-write-template" to write any changes to the template, such as reverting to the -configuration file or writing ESC1 vulnerabilities, etc.

NocteDefensor pushed a commit to NocteDefensor/Certipy that referenced this issue Nov 14, 2023
…ion and writing template configuration. This closes issue ly4k#181
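
The failure mode raised in this issue (a template modified while its backup is missing or unreadable) can be closed by making the save, the validity check and the write three separate steps. The sketch below is an added example, not Certipy's code or the referenced commit: the function names, the `write_fn` callback and the hex encoding of byte values are assumptions made for illustration.

```python
import json
import os
import tempfile

# Assumption: a template is a dict of attribute name -> list of int/str/bytes values.
def _encode(value):
    if isinstance(value, bytes):
        return {"__hex__": value.hex()}
    return [_encode(v) for v in value] if isinstance(value, list) else value

def _decode(value):
    if isinstance(value, dict) and set(value) == {"__hex__"}:
        return bytes.fromhex(value["__hex__"])
    return [_decode(v) for v in value] if isinstance(value, list) else value

def save_backup(template, path):
    """Step 1: write the backup atomically (temp file, fsync, rename).
    An unwritable or missing directory raises OSError before anything else happens."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".tmp")
    try:
        with os.fdopen(fd, "w") as fh:
            json.dump({k: _encode(v) for k, v in template.items()}, fh, indent=2)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise

def load_backup(path):
    with open(path) as fh:
        return {k: _decode(v) for k, v in json.load(fh).items()}

def backup_is_valid(path, live_template):
    """Step 2: the backup must parse and round-trip to the live template exactly."""
    try:
        return load_backup(path) == live_template
    except (OSError, ValueError, AttributeError):
        return False  # missing, unreadable, truncated, or not a JSON object

def guarded_write(live_template, backup_path, write_fn):
    """Step 3: run the caller-supplied write only when a valid backup is on disk."""
    if not backup_is_valid(backup_path, live_template):
        raise RuntimeError(f"refusing to modify template: no valid backup at {backup_path}")
    return write_fn()
```

Because the check re-reads the file from disk instead of trusting the return of the save step, a truncated or stale backup is caught before the directory object is touched.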