diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/LinuxAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/LinuxAbuse.tsx index db6f71bac..c30d8b20e 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/LinuxAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/LinuxAbuse.tsx @@ -587,7 +587,7 @@ const LinuxAbuse: FC = ( return ( <> - With GenericAll permission over a root CA, you can make a rouge certificate trusted as a root CA + With GenericAll permission over a root CA, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -598,7 +598,7 @@ const LinuxAbuse: FC = ( <> With GenericAll permission over a NTAuth store, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -609,7 +609,7 @@ const LinuxAbuse: FC = ( <> With GenericAll permission over an issuance policy object, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/WindowsAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/WindowsAbuse.tsx index cfe2b37a1..61dc7c4b9 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/WindowsAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericAll/WindowsAbuse.tsx @@ -723,7 +723,7 @@ const WindowsAbuse: FC = return ( <> - With GenericAll permission over a root CA, you can make a rouge certificate trusted as a root CA + With GenericAll permission over a root CA, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -734,7 +734,7 @@ const WindowsAbuse: FC = <> With GenericAll permission over a NTAuth store, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -745,7 +745,7 @@ const WindowsAbuse: FC = <> With GenericAll permission over an issuance policy object, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/LinuxAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/LinuxAbuse.tsx index 2dca3efc2..17dd00801 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/LinuxAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/LinuxAbuse.tsx @@ -310,7 +310,7 @@ const LinuxAbuse: FC = ({ targetType }) => { return ( <> - With GenericWrite permission over a root CA, you can make a rouge certificate trusted as a root + With GenericWrite permission over a root CA, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -321,7 +321,7 @@ const LinuxAbuse: FC = ({ targetType }) => { <> With GenericWrite permission over a NTAuth store, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -332,7 +332,7 @@ const LinuxAbuse: FC = ({ targetType }) => { <> With GenericWrite permission over an issuance policy object, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/WindowsAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/WindowsAbuse.tsx index 00932e804..63e0838e3 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/WindowsAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/GenericWrite/WindowsAbuse.tsx @@ -371,7 +371,7 @@ const WindowsAbuse: FC = ({ sourceName, sourceType, targetName, t return ( <> - With GenericWrite permission over a root CA, you can make a rouge certificate trusted as a root + With GenericWrite permission over a root CA, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -382,7 +382,7 @@ const WindowsAbuse: FC = ({ sourceName, sourceType, targetName, t <> With GenericWrite permission over a NTAuth store, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -393,7 +393,7 @@ const WindowsAbuse: FC = ({ sourceName, sourceType, targetName, t <> With GenericWrite permission over an issuance policy object, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/LinuxAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/LinuxAbuse.tsx index 626511962..e5095855a 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/LinuxAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/LinuxAbuse.tsx @@ -704,7 +704,7 @@ const LinuxAbuse: FC = ( <> With ownership over a root CA, you can grant yourself GenericAll. With GenericAll, you can make - a rouge certificate trusted as a root CA in the AD forest by adding the certificate in the root + a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -715,9 +715,9 @@ const LinuxAbuse: FC = ( <> With ownership over a NTAuth store, you can grant yourself GenericAll. With GenericAll, you can - make an enterprise CA certificate trusted for NT (domain) authentication the AD forest by adding - the certificate in the root CA object's cACertificate attribute. This action may enable you to - perform an ADCS domain escalation. This action may enable you to perform an ADCS domain + make an enterprise CA certificate trusted for NT (domain) authentication in the AD forest by + adding the certificate in the root CA object's cACertificate attribute. This action may enable + you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/WindowsAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/WindowsAbuse.tsx index 1b5d4304a..37662c215 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/WindowsAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/Owns/WindowsAbuse.tsx @@ -947,7 +947,7 @@ const WindowsAbuse: FC = <> With ownership over a root CA, you can grant yourself GenericAll. With GenericAll, you can make - a rouge certificate trusted as a root CA in the AD forest by adding the certificate in the root + a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -958,9 +958,9 @@ const WindowsAbuse: FC = <> With ownership over a NTAuth store, you can grant yourself GenericAll. With GenericAll, you can - make an enterprise CA certificate trusted for NT (domain) authentication the AD forest by adding - the certificate in the root CA object's cACertificate attribute. This action may enable you to - perform an ADCS domain escalation. This action may enable you to perform an ADCS domain + make an enterprise CA certificate trusted for NT (domain) authentication in the AD forest by + adding the certificate in the root CA object's cACertificate attribute. This action may enable + you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/LinuxAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/LinuxAbuse.tsx index a0b3b76a0..c4da95280 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/LinuxAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/LinuxAbuse.tsx @@ -700,7 +700,7 @@ const LinuxAbuse: FC = ( <> With WriteDacl permission over a root CA, you can grant yourself GenericAll. With GenericAll, - you can make a rouge certificate trusted as a root CA in the AD forest by adding the certificate + you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -711,10 +711,10 @@ const LinuxAbuse: FC = ( <> With WriteDacl permission over a NTAuth store, you can grant yourself GenericAll. With - GenericAll, you can make an enterprise CA certificate trusted for NT (domain) authentication the - AD forest by adding the certificate in the root CA object's cACertificate attribute. This action - may enable you to perform an ADCS domain escalation. This action may enable you to perform an - ADCS domain escalation. + GenericAll, you can make an enterprise CA certificate trusted for NT (domain) authentication in + the AD forest by adding the certificate in the root CA object's cACertificate attribute. This + action may enable you to perform an ADCS domain escalation. This action may enable you to + perform an ADCS domain escalation. ); diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/WindowsAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/WindowsAbuse.tsx index 77700e170..a779a5cb5 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/WindowsAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteDacl/WindowsAbuse.tsx @@ -891,7 +891,7 @@ const WindowsAbuse: FC = <> With WriteDacl permission over a root CA, you can grant yourself GenericAll. With GenericAll, - you can make a rouge certificate trusted as a root CA in the AD forest by adding the certificate + you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -902,10 +902,10 @@ const WindowsAbuse: FC = <> With WriteDacl permission over a NTAuth store, you can grant yourself GenericAll. With - GenericAll, you can make an enterprise CA certificate trusted for NT (domain) authentication the - AD forest by adding the certificate in the root CA object's cACertificate attribute. This action - may enable you to perform an ADCS domain escalation. This action may enable you to perform an - ADCS domain escalation. + GenericAll, you can make an enterprise CA certificate trusted for NT (domain) authentication in + the AD forest by adding the certificate in the root CA object's cACertificate attribute. This + action may enable you to perform an ADCS domain escalation. This action may enable you to + perform an ADCS domain escalation. ); diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/LinuxAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/LinuxAbuse.tsx index 752d61a29..ed778aea6 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/LinuxAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/LinuxAbuse.tsx @@ -770,7 +770,7 @@ const LinuxAbuse: FC = ({ sourceName, targ <> With WriteOwner permission on a root CA, you can grant yourself ownership over the object to - then grant yourself GenericAll. With GenericAll, you can make a rouge certificate trusted as a + then grant yourself GenericAll. With GenericAll, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -782,7 +782,7 @@ const LinuxAbuse: FC = ({ sourceName, targ With WriteOwner permission on a NTAuth store, you can grant yourself ownership over the object to then grant yourself GenericAll. With GenericAll, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -794,7 +794,7 @@ const LinuxAbuse: FC = ({ sourceName, targ With WriteOwner permission on an issuance policy object, you can grant yourself ownership over the object to then grant yourself GenericAll. With GenericAll, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack. diff --git a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/WindowsAbuse.tsx b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/WindowsAbuse.tsx index ed2d115b3..83b84fa82 100644 --- a/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/WindowsAbuse.tsx +++ b/packages/javascript/bh-shared-ui/src/components/HelpTexts/WriteOwner/WindowsAbuse.tsx @@ -1046,7 +1046,7 @@ const WindowsAbuse: FC = <> With WriteOwner permission on a root CA, you can grant yourself ownership over the object to - then grant yourself GenericAll. With GenericAll, you can make a rouge certificate trusted as a + then grant yourself GenericAll. With GenericAll, you can make a rogue certificate trusted as a root CA in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. @@ -1058,7 +1058,7 @@ const WindowsAbuse: FC = With WriteOwner permission on a NTAuth store, you can grant yourself ownership over the object to then grant yourself GenericAll. With GenericAll, you can make an enterprise CA certificate - trusted for NT (domain) authentication the AD forest by adding the certificate in the root CA + trusted for NT (domain) authentication in the AD forest by adding the certificate in the root CA object's cACertificate attribute. This action may enable you to perform an ADCS domain escalation. This action may enable you to perform an ADCS domain escalation. @@ -1070,7 +1070,7 @@ const WindowsAbuse: FC = With WriteOwner permission on an issuance policy object, you can grant yourself ownership over the object to then grant yourself GenericAll. With GenericAll, you create a OID group link to a - targeted group by adding the groups distinguishedName in the msDS-OIDToGroupLink attribute of + targeted group by adding the group's distinguishedName in the msDS-OIDToGroupLink attribute of the issuance policy object. This action may enable you to gain membership of the group through an ADCS ESC13 attack.