Forgery

Attacking smart cards in active directory

26 March 2020 ~8 min By Hector Cuesta

Abuse Active Directory Research Smartcards Windows Windows Events Forgery Impersonation Smartcard

Introduction Recently, I encountered a fully password-less environment. Every employee in this company had their own smart card that they used to login into their computers, emails, internal applications and more. None of the employees at the company had a password at all – this sounded really cool. In this post I will detail a technique used to impersonate other users by modifying a User Principal Name (UPN) on an Active Directory domain that only uses smart cards.

Abuse
Active Directory
Research
Smartcards
Windows
Windows Events
Forgery
Impersonation
Smartcard

Page 1 of 1