542 Followers
430 Following
125 Posts
I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Active Directory & Identity Security as a career.
Opinions = mine.
GitHub: https://github.com/JimSycurity
Twitter (not checked often): https://twitter.com/JimSycurity
Location: United States, Minnesota, Rural
Pronouns: He/Him/Hän
Bluesky: https://bsky.app/profile/jimsycurity.adminsdholder.com

@GossiTheDog @jernej__s
Eh, I should have trusted my original skepticism.
The original 0x80070643 error I saw for KB5057589 didn't have anything to do with the existence of C:\inetpub
That is, I cannot confirm any rumor of the existence of C:\inetpub interfering with any of April's security updates. And if one did happen to create C:\inetpub as a normal user, installing April's updates will tighten up the ACLs. 🤷‍♂️

The only thing of interest here is:
While KB5057589 is indeed listed as a "Security Update", I can find no information of what CVE(s) it fixes. 🤔

[Lessie Benningfield Randle, one of the last known living survivors of the 1921 Tulsa Race Massacre, cast her ballot for Kamala Harris in the 2024 presidential race. She turns 110 on Nov. 10.]
Put up the slides for my Bluehat 2024 presentation on improvements to OleView.NET https://github.com/tyranid/infosec-presentations/blob/master/Bluehat/2024/DCOM%20Research%20for%20Everyone!.pdf You can also grab v1.15 of OleView.NET from the PS Gallery which has the new features to generate proxy clients on the fly.
infosec-presentations/Bluehat/2024/DCOM Research for Everyone!.pdf at master · tyranid/infosec-presentations

A repository of previous info-sec presentations I've presented. - tyranid/infosec-presentations


Today on the Trimarc Twitch Happy Hour!

@jeffmcjunkin is joining us to talk about Tech Debt and how to abolish it.

Also, apparently Dev's name is pronounced "Dave" in Hindi.

2p ET

https://twitch.tv/TwitchSecurity


Okay, so I did a quick dive into sudo in Windows and here are my initial findings. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html

The main take away is, writing Rust won't save you from logical bugs :)

Sudo On Windows a Quick Rundown

Background The Windows Insider Preview build 26052 just shipped with a sudo command, I thought I'd just take a quick peek to see what it doe...

New Year, New Release!

BlueTuxedo, a tiny tool built to find and fix misconfigurations in Active Directory-integrated DNS, is now at a place where it can start getting "official releases" - whatever that means for a tool worked on during spare time with no real commitment! Expect a release more-or-less monthly unless life happens.

In this release, we added more information about what BlueTuxedo actually IS to the README, added a couple of checks, and improved DHCP server identification. Also, BlueTuxedo is now available in the PowerShell Gallery for ease of installation!

Improvements:

  • New Data Collected:
    • DnsUpdateProxy group membership
    • Name Protection on DHCP servers
  • New Checks:
    • Do ADI DNS zones enforce secure updates?
    • Is the DnsUpdateProxy group membership >0?
  • Published to PSGallery

Known Issues:

  • Certain multi-domain forest configurations result in inability to enumerate ADI Zones.

Contributors to this release:
@horse (code)
@JimSycurity (research and testing)

Grab it from here: https://github.com/TrimarcJake/BlueTuxedo/releases/tag/2024.1

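The two new checks listed in the release notes above, written out as an added example (not BlueTuxedo's own code). It assumes the DnsServer and ActiveDirectory PowerShell modules are available and that the caller can query the DNS server and the domain.

```powershell
# Added example, not BlueTuxedo's own implementation: the two checks from the
# 2024.1 release notes. Assumes the DnsServer and ActiveDirectory modules and
# read access to the DNS server and the domain.
Import-Module DnsServer, ActiveDirectory -ErrorAction Stop

# Check 1: do AD-integrated zones enforce secure dynamic updates?
# DynamicUpdate is one of None, NonsecureAndSecure or Secure; only "Secure"
# limits updates to authenticated principals with rights on the record.
function Test-AdiZoneSecureUpdate {
    param([string]$DnsServer = $env:COMPUTERNAME)
    Get-DnsServerZone -ComputerName $DnsServer |
        Where-Object { $_.IsDsIntegrated -and -not $_.IsAutoCreated } |
        ForEach-Object {
            [pscustomobject]@{
                Zone    = $_.ZoneName
                Update  = $_.DynamicUpdate
                Finding = if ($_.DynamicUpdate -eq 'Secure') { 'OK' }
                          else { 'Zone accepts non-secure dynamic updates' }
            }
        }
}

# Check 2: is DnsUpdateProxy membership > 0?
# Records registered by members of this group are created without a
# protecting owner, so other principals can later take them over; the
# group is expected to be empty unless a DHCP server is deliberately in it.
function Test-DnsUpdateProxyMembership {
    $members = @(Get-ADGroupMember -Identity 'DnsUpdateProxy' -Recursive)
    [pscustomobject]@{
        Count   = $members.Count
        Members = ($members | ForEach-Object { $_.SamAccountName }) -join ', '
        Finding = if ($members.Count -gt 0) { 'DnsUpdateProxy has members' }
                  else { 'OK' }
    }
}

# Run both checks against the local DNS server and the current domain.
Test-AdiZoneSecureUpdate | Format-Table -AutoSize
Test-DnsUpdateProxyMembership | Format-List
```

Run it from a machine with RSAT installed; pass -DnsServer to Test-AdiZoneSecureUpdate to point it at a specific domain controller.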

@JimSycurity and I did a thing.

BlueTuxedo will help you do the following:
- Audit your Active Directory-integrated DNS - including things that aren't visible in the DNS snap-in!
- Identify common misconfigurations
- Fix identified issues

https://github.com/TrimarcJake/BlueTuxedo

GitHub - TrimarcJake/BlueTuxedo: A tiny tool to find and fix common misconfigurations in Active Directory-integrated DNS


VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems.

https://www.bleepingcomputer.com/news/security/vmware-fixes-vcenter-server-bugs-allowing-code-execution-auth-bypass/


My latest #ActiveDirectory whitepaper was published today on the Trimarc Content Hub.

Owner or Pwned? Discovering and Remediating AD Object Ownership Issues is a free (no registration required) 50+ page document that explains what ownership is in AD, how it can be abused, how non-standard ownership can be discovered, how to reactively remediate it, and how to proactively defend.

https://www.hub.trimarcsecurity.com/post/trimarc-whitepaper-owner-or-pwnd

#acl #ace #dacl #security

Trimarc Whitepaper: Owner or Pwnd?

Foreword "Owner or Pwned?" is an in-depth journey into the intricacies of ownership in Active Directory (AD). Yes, I had to look up how to spell intricacies. Trimarc's own Jim Sykora smashes a year's worth of research into 54 short pages. Complete with code snips, screenshots, examples and of course Kenny Loggins references. This whitepaper touches on all aspects of AD ownership: Organizational Units (OUs), Computers, Groups, Users, AD Certificate Services (ADCS), Group Policy Objects (GPOs), an


What do you feel is the most common barrier to getting or keeping an Active Directory environment secure?

Examples: Insecure defaults, lack of resources, red tape, training/knowledge gaps, no tiering, config drift, the VP's nephew who set it up originally, technical debt

Checking my assumptions and posting around a few platforms to get input and reach.

#activedirectory