Analyzing and Executing ADCS Attack Paths with BloodHound- Andy Robbins & Jonas Knudsen[SO-CON 2024]
ฝัง
- เผยแพร่เมื่อ 2 ต.ค. 2024
- Active Directory Certificate Services (ADCS) is Microsoft’s native PKI solution, used by many organizations to facilitate smart card authentication, TLS certificate issuance and verification, code signing, and other tasks. ADCS is a complicated system with many moving parts and possible configurations, out of which privilege escalation opportunities often emerge. Discovering those opportunities by hand is a tedious, time-consuming, and error-prone process.
In this talk, we will explain and demonstrate how BloodHound dramatically simplifies the discovery, analysis, and execution of attack paths traversing ADCS objects. We will show how with just a few clicks, BloodHound reveals these attack paths in seconds that would otherwise take hours or even days to discover by hand. We will demonstrate how attackers execute these attack paths as well as using common tooling such as Rubeus and Certify.
![Beyond the Shell: Unconventional Agents for Red Teaming Success - Cody Thomas [SO-CON 2024]](http://i.ytimg.com/vi/_dqiYDkaG7M/mqdefault.jpg)
![Beyond the Shell: Unconventional Agents for Red Teaming Success - Cody Thomas [SO-CON 2024]](/img/tr.png)
![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](http://i.ytimg.com/vi/nvaOszFzXCQ/mqdefault.jpg)
![[ TEASER ] เงาะป่า - วงL.กฮ. | TMG RECORD](http://i.ytimg.com/vi/M4ObdFfcPww/mqdefault.jpg)
![Ghosts on the Node - Will Pearce & Nick Landers [SO-CON 2024]](/img/n.gif)