TL;DR: Write msDS-KeyCredentialLink — log in as the target via PKINIT next.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab