The UnRightful Heir - My dMSA Is Your New Domain Admin

DEFCONConference via YouTube

Overview

Explore a critical security vulnerability in Microsoft's Delegated Managed Service Accounts (dMSA) feature introduced in Windows Server 2025 through this 34-minute DEF CON 33 conference talk. Discover the BadSuccessor attack technique that exploits dMSAs to escalate privileges in Active Directory environments, even in domains that don't utilize dMSAs at all. Learn how attackers can leverage common and seemingly harmless Active Directory permissions to manipulate Domain Controllers into issuing Kerberos tickets for any principal, including Domain Admins and Domain Controllers. Understand the advanced methodology for obtaining NTLM hashes of every domain user without directly accessing the domain controller. Follow the researcher's journey through the discovery process, technical implementation details, and comprehensive analysis of the potential impact this vulnerability poses to Active Directory environments across organizations.

Syllabus

DEF CON 33 - The UnRightful Heir My dMSA Is Your New Domain Admin - Yuval Gordon

Taught by

DEFCONConference
