SlideShare feed for Slideshows by User: DirkjanMollema
Thu, 21 Mar 2019 17:02:14 GMT

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Directory
/slideshow/im-in-your-cloud-reading-everyones-email-hacking-azure-ad-via-active-directory/137528017
Azure AD is everything but a domain controller in the cloud. This talk will cover what Azure AD is, how it is commonly integrated with Active Directory and how security boundaries extend into the cloud, covering sync account password recovery, privilege escalations in Azure AD and full admin account takeovers using limited on-premise privileges.

While Active Directory has been researched for years and the security boundaries and risks are generally well documented, more and more organizations are extending their network into the cloud. A prime example of this is Office 365, which Microsoft offers through their Azure cloud. Connecting the on-premise Active Directory with the cloud introduces new attack surface both for the cloud and the on-premise directory. This talk looks at the way the trust between Active Directory and Azure is set up and can be abused through the Azure AD Connect tool. We will take a dive into how the synchronization is set up, how the high-privilege credentials for both the cloud and Active Directory are protected (and can be obtained) and what permissions are associated with these accounts. The talk will outline how a zero day in common setups was discovered through which on-premise users with limited privileges could take over the highest administration account in Azure and potentially compromise all cloud assets. We will also take a look at the Azure AD architecture and common roles, and how attackers could backdoor or escalate privileges in cloud setups. Lastly we will look at how to prevent these kinds of attacks and why your AD Connect server is perhaps one of the most critical assets in the on-premise infrastructure.

aclpwn - Active Directory ACL exploitation with BloodHound
/slideshow/aclpwn-active-directory-acl-exploitation-with-bloodhound/124971700
My talk about aclpwn and Active Directory ACL exploitation as given at Hack in the Box Dubai Armory 2018.

Tue, 04 Dec 2018 20:45:19 GMT, from DirkjanMollema