DEFCON 20: Owned in 60 Seconds: From Network Guest to Windows Domain Admin


Their systems were fully patched, their security team watching, and the amateur pentesters just delivered their “compliant” report. They thought their Windows domain was secure. They thought wrong.

Zack Fasel (played by none other than Angelina Jolie) brings a new tool along with new methods to obtain Windows Integrated Authentication network requests and perform NTLM relaying both internally and externally. The goal? Start off as a nobody and get domain admin (or sensitive data/access) in 60 seconds or less on a fully patched and typically secured Windows environment. The grand finale? Zack demonstrates the ability to *externally* gain access to a Windows domain user’s Exchange account simply by sending them an email, along with tips on how to protect yourself from these attacks.

In just one click of a link, one view of an email, or one wrong web request, this new toolset steals the identity of targeted users and leverages their access. Call your domain admins, hide your road warriors, and warn your internal users. Zack will change the way you think about Windows Active Directory security and trust relationships, driving you to further harden your systems and helping you sleep at night.
