SCCM Hierarchy Takeover with High Availability

SCCM Hierarchy Takeover with High Availability

TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hierarchyI previously wrote about how targeting site systems hosting the SMS Provider role can be used to ...
Site Takeover via SCCM’s AdminService API

Site Takeover via SCCM’s AdminService API

tl:dr: The SCCM AdminService API is vulnerable to NTLM relaying and can be abused for SCCM site takeover.Prior Work and CreditBefore I get started, I’d like to acknowledge some of the work previously ...
SCCM Site Takeover via Automatic Client Push Installation

SCCM Site Takeover via Automatic Client Push Installation

tl;dr: Install hotfix KB15599094 and disable NTLM for client push installation.While reading SCCM Current Branch Unleashed and stepping through the site installation process, I found something interesting — the primary site server’s domain computer ...
Figure 1

How ITIL Can Improve Information Security

By: Steven Weil Introduction ITIL - the Information Technology Infrastructure Library - is a set of best practices and guidelines that define an integrated, process-based approach for managing information technology services. ITIL ...