You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
petitpotam attack
About this tag
The PetitPotam attack is a specific type of authentication coercion vulnerability affecting Windows domain controllers. It allows an unauthenticated attacker to force a domain controller to authenticate to a remote server via the MS-EFSRPC protocol, enabling NTLM relay attacks that can lead to full domain compromise. Discussions on WindowsForum.com cover how PetitPotam fits within the broader category of authentication coercion attacks, its exploitation mechanics, and defensive measures such as enabling Extended Protection for Authentication, disabling NTLM where possible, and applying Microsoft security updates. The tag focuses on understanding and mitigating this critical Windows security threat.
Authentication coercion attacks have emerged as a formidable and evolving threat to enterprise networks leveraging Windows infrastructure. Despite significant advances in native Microsoft security controls, even low-privileged domain accounts can still exercise a range of techniques to force...