An ACE Up the Sleeve - Designing Active Directory DACL Backdoors

An ACE Up the Sleeve - Designing Active Directory DACL Backdoors

Black Hat via YouTube Direct link

Intro

1 of 24
Next

1 of 24

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

An ACE Up the Sleeve - Designing Active Directory DACL Backdoors

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 Disclaimer
  3. 3 Why Care?
  4. 4 Previous Work
  5. 5 DS_CONTROL_ACCESS
  6. 6 SRM and Canonical ACE Order
  7. 7 Elevation vs. Persistence
  8. 8 Target: User Objects
  9. 9 Target: Group Objects
  10. 10 Target: Computer Objects
  11. 11 Target: Domain Objects
  12. 12 AD Generic Rights
  13. 13 AD Control Rights
  14. 14 BloodHound Analysis
  15. 15 Objective
  16. 16 Stealth Primitive
  17. 17 Primitives: Summary
  18. 18 A Hidden DCSync Backdoor
  19. 19 Admin SDHolder
  20. 20 Domain user can access AdmPwd! LAPS cmdlet doesn't detect it!
  21. 21 Exchange Strikes Back
  22. 22 Event Logs
  23. 23 Replication Metadata
  24. 24 Future Work

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.