filmov
tv
DEF CON 25 - Andy Robbins, Will Schroeder - Designing Active Directory DACL Backdoors
Показать описание
Active Directory (AD) object discretionary access control lists (DACLs) are an untapped offensive landscape, often overlooked by attackers and defenders alike. The control relationships between AD objects align perfectly with the "attackers think in graphs" philosophy and expose an entire class of previously unseen control edges, dramatically expanding the number of paths to complete domain compromise.
While DACL misconfigurations can provide numerous paths that facilitate elevation of domain rights, they also present a unique chance to covertly deploy Active Directory persistence. It's often difficult to determine whether a specific AD DACL misconfiguration was set intentionally or implemented by accident. This makes Active Directory DACL backdoors an excellent persistence opportunity: minimal forensic footprint, and maximum plausible deniability.
While DACL misconfigurations can provide numerous paths that facilitate elevation of domain rights, they also present a unique chance to covertly deploy Active Directory persistence. It's often difficult to determine whether a specific AD DACL misconfiguration was set intentionally or implemented by accident. This makes Active Directory DACL backdoors an excellent persistence opportunity: minimal forensic footprint, and maximum plausible deniability.
DEF CON 25 - Andy Robbins, Will Schroeder - Designing Active Directory DACL Backdoors
DEF CON 25 IoT Village - Andrew Tierney, Ken Munro - IoT From DVRs to Dildos
DEF CON 25 Recon Village - Andrew Hay - An Introduction to Graph Theory for OSINT
DEF CON 25 Crypto and Privacy Village - Andrew Brandt - SSL Visibility Revisted: A Year In Privacy I
DEF CON 25 Wifi Village - Andrew Strutt - Suitcase Repeater Build for UHF 70cm
DEF CON 25 Wifi Village - Andrew Strutt - POCSAG Amateur Pager Network
DEF CON 25 Crypto and Privacy Village - Trey Forgety - Protecting Users' Privacy
DEF CON 29 Recon Village - Andy Dennis - Using Passive DNS for gathering Business Intelligence
DEF CON 25 Recon Village - Kunal Aggarwal - DataSploit Open Source Assistant for OSINT
DEF CON 25 - Matt Knight - Radio Exploitation 101
DEF CON 25 Wifi Village - Nick Delewski - Failsafe: Yet Another SimpliSafe Attack Vector
DEF CON 25 Recon Village - Shane MacDougal - Keynote: Seeing is Believing The Future of Recon
DEF CON 25 Rootz Asylum - David Weinman - Introduction To Cheat Engine
DEF CON 25 Crypto and Privacy Village - Punky Duero - The Key Management Facility of The Root DNSSEC
DEF CON 25 SE Village - Tyler Rosonke - Social Engineering With Web Analytics
DEF CON 25 Crypto and Privacy Village - Jake Williams -The Symantec SSL Debacle Lessons Learned
DEF CON 25 - Inbar Raz, Eden Shochat - From One Country, One Floppy to Startup Nation
DEF CON 25 Car Hacking Village - Vlad Gostomelsky - GPS System Integrity
DEF CON 25 - Josh Datko, Chris Quartier - Breaking Bitcoin Hardware Wallets
DEF CON 25 Recon Village - Dakota Nelson -Total Recoll
DEF CON 25 ICS Village - Arnaud Soullié - Fun with Modbus 0x5a Nothing New Still Relevant?
DEF CON 25 - Steinthor Bjarnason, Jason Jones - The call is coming from inside the house
DEF CON 25 - Svea Eckert, Andreas Dewes - Dark Data
DEF CON 25 - Hanno Bõck - Abusing Certificate Transparency Logs
Комментарии