Azure Active Directory Pass-Strough ์ธ์ฆ ๊ฒฐํจ
2022๋ 9์ 20์ผ, SecureWorksยฎ Counter Threat Unit โข (CTU) ์ฐ๊ตฌ์๋ค์ด Azure Active Directory (Azure AD) ํ์ด๋ธ๋ฆฌ๋ ์์ด๋ดํฐํฐ ์ธ์ฆ ๋ฐฉ๋ฒ ์ค ํ๋์ธ ํต๊ณผ ์ธ์ฆ (PTA)์ ์ฌ์ฉํ๋ ํ๋กํ ์ฝ์ ๋ถ์ํ์ฌ ๊ณต๊ฒฉ์๊ฐ CBA๋ฅผ ์ฌ์ฉํ์ฌ PTA ์์ด์ ํธ์ ์ ์์ ํ์น ์ ์๋ค๊ณ ํ๋จํ์ต๋๋ค. ์ด๋ ์์๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ์ฌ ๋ฐฑ๋์ด๋ฅผ ์์ฑํ๊ณ ์๊ฒฉ ๊ฑฐ๋ถ (DOS) ๊ณต๊ฒฉ์ ์ํํ ์ ์๋ ์ํ์ ์ด๋ํฉ๋๋ค. 2022๋ 5์, SecureWorksยฎ Counter Threat Unit โข (CTU) ์ฐ๊ตฌ์๋ค์ด PTA๊ฐ ์ฌ์ฉํ๋ ํ๋กํ ์ฝ์ ๋ถ์ํ์ฌ ๊ณต๊ฒฉ์๊ฐ CBA๋ฅผ ์ฌ์ฉํ์ฌ PTA ์์ด์ ํธ์ ์ ์์ ํ์น ์ ์๋ค๊ณ ํ๋จํ์ต๋๋ค. ์ด๋ ์์๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ์ฌ ๋ฐฑ๋์ด๋ฅผ ๋ง๋ค๊ณ ์๊ฒฉ ๊ฑฐ๋ถ (DOS) ๊ณต๊ฒฉ์ ์ํํ ์ ์๋ ์ํ์ ์ด๋ํฉ๋๋ค.
Azure Active Directory Pass-Through Authentication Flaws
On September 20, 2022, SECUREWORKSยฎ Counter Threat Unit โข (CTU) researchers analyze the protocol using PTA, one of the Azure Active Directory (Azure AD) hybrid hybrid identity certification methods,I decided to steal the identity of the PTA agent.This causes the risk of creating a backdoor and performing a remote (DOS) attack using a damaged certificate.In May 2022, the SECUREWORKSยฎ Counter Threat Unit โข (CTU) researchers analyzed the protocol used by the PTA, so that the attacker could use the CBA to steal the identity of the PTA agent.This uses a damaged certificate to create a backdoor and the risk of performing a remote rejection (DOS) attack.
https://www.secureworks.com/research/azure-active-directory-pass-through-authentication-flaws