Tweet
Whether you are trying to attack or defend Active Directory, BloodHound has been the default tool for identifying attack paths. With its latest release, BloodHound3 has introduced a number of new edges including the collection of ACLs for Organizational Units.
In this talk we will present a method to abuse edit rights on an OU by serving malicious Group Policy Objects in order to compromise any computer or user object that is a member of the vulnerable OU or any of its child OUs.
Speaker(s): Petros Koutroumpis
Location: Red Team Vlg
Discord: https://discord.com/channels/7082082...77357820411944
Event starts: 2020-08-08 04:45 (04:45 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 05:45 (05:45 AM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:25 (UTC).
In this talk we will present a method to abuse edit rights on an OU by serving malicious Group Policy Objects in order to compromise any computer or user object that is a member of the vulnerable OU or any of its child OUs.
Speaker(s): Petros Koutroumpis
Location: Red Team Vlg
Discord: https://discord.com/channels/7082082...77357820411944
Event starts: 2020-08-08 04:45 (04:45 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 05:45 (05:45 AM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:25 (UTC).