Earn a Michigan Engineering AI Certificate — Stay Ahead of the AI Revolution
The Fastest Way to Become a Backend Developer Online
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a critical security vulnerability in Microsoft's Delegated Managed Service Accounts (dMSA) feature introduced in Windows Server 2025 through this 34-minute DEF CON 33 conference talk. Discover the BadSuccessor attack technique that exploits dMSAs to escalate privileges in Active Directory environments, even in domains that don't utilize dMSAs at all. Learn how attackers can leverage common and seemingly harmless Active Directory permissions to manipulate Domain Controllers into issuing Kerberos tickets for any principal, including Domain Admins and Domain Controllers. Understand the advanced methodology for obtaining NTLM hashes of every domain user without directly accessing the domain controller. Follow the researcher's journey through the discovery process, technical implementation details, and comprehensive analysis of the potential impact this vulnerability poses to Active Directory environments across organizations.
Syllabus
DEF CON 33 - The UnRightful Heir My dMSA Is Your New Domain Admin - Yuval Gordon
Taught by
DEFCONConference