Attacking Entra Metaverse: Part 1
Common Information
Type Value
UUID 1aac579c-370d-4b2c-b359-a6f11602c1a8
Fingerprint bb1842df0fc7c6dc
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 13, 2024, 4:45 p.m.
Added to db Dec. 13, 2024, 6:10 p.m.
Last updated Dec. 20, 2024, 6:24 p.m.
Headline Attacking Entra Metaverse: Part 1
Title Attacking Entra Metaverse: Part 1
Detected Hints/Tags/Attributes 28/1/16
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 196 Posts By SpecterOps Team Members - Medium https://posts.specterops.io/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2
adminwebservice.onmicrosoft.com
Details Domain 2
hybrid.hotnops.com
Details Domain 3
enterpriseregistration.windows.net
Details Domain 2
dc1-hybrid.hybrid.hotnops.com
Details Domain 14
dirkjanm.io
Details Domain 6
aadinternals.com
Details Email 1
jack.burton@hybrid.hotnops.com
Details File 2
devicel.key
Details File 2
winhello.key
Details File 2
winhello_cert_req.cs
Details File 2
jack_burton.pfx
Details File 37
rubeus.exe
Details File 2
c:\keys\jack_burton.pfx
Details File 4
api.pdf
Details Url 2
https://dirkjanm.io/lateral-movement-and-hash-dumping-with-temporary-access-passes-microsoft-entra
Details Url 2
https://aadinternals.com/talks/attacking