Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore advanced red team techniques targeting Microsoft Configuration Manager (SCCM) in this 39-minute DEF CON 33 conference talk. Discover why SCCM has become a preferred target for penetration testers and how its complexity and technical debt create persistent security vulnerabilities that organizations struggle to remediate. Learn how compromising an SCCM deployment can lead to full Active Directory takeover with less effort than traditional attack vectors. Gain insights from original security research that uncovered multiple zero-day vulnerabilities, including CVE-2024-43468, an unauthenticated SQL injection flaw. Master reconnaissance techniques for SCCM environments, understand deployment hierarchies, and learn methods for bypassing security boundaries. Examine newly discovered vulnerabilities that enable complete deployment compromise and explore post-exploitation techniques following database access. Get introduced to a battle-tested open-source tool that implements these attack methods, and discover a persistence technique for installing backdoors as legitimate servicing endpoints within SCCM infrastructure.
