Articles by Yannick Méheut

SANS Christmas Challenge 2022

Published on Fri 06 January 2023 by Yannick Méheut

Yannick's write-up for the 2022 SANS Christmas Challenge.

 

Authenticating with certificates when PKINIT is not supported

Published on Wed 04 May 2022 by Yannick Méheut

A certificate obtained through Active Directory Certificate Services is usually used to get a TGT or recover the NT hash using PKINIT. But what can we do when it's not possible?

 

SANS Christmas Challenge 2021

Published on Tue 04 January 2022 by Yannick Méheut

Yannick's write-up for the 2021 SANS Christmas Challenge.

 

SANS Christmas Challenge 2020

Published on Mon 11 January 2021 by Yannick Méheut

Yannick's write-up for the 2020 SANS Christmas Challenge.

 

DisplayLink USB Graphics Software arbitrary file write Elevation of Privilege

Published on Wed 01 July 2020 by Yannick Méheut

Due to overpermissive access rights on a logging folder, the DisplayLink USB Graphics software can be abused to perform privileged file operations, such as arbitrary file creation. This can be exploited, e.g. via DLL hijacking on the privileged DisplayLink process, to obtain SYSTEM privileges on the local machine.

 

SANS Christmas Challenge 2019

Published on Tue 14 January 2020 by Yannick Méheut

Yannick's write-up for the 2019 SANS Christmas Challenge.

 

SANS Christmas Challenge 2018

Published on Mon 14 January 2019 by Yannick Méheut

🎵 I'm dreaming of a pwned Christmaaaaas 🎵 As usual, here's my write-up for the 2018 SANS Christmas Challenge.

 

SANS Christmas Challenge 2017

Published on Wed 10 January 2018 by Yannick Méheut

'Tis the season to be pwning, falalalala lalalala. Each year, the SANS team publishes a Christmas Challenge against which anyone can test their skills. This year was no exception, and here's our write-up for the 2017 SANS Christmas Challenge.