Breaking and Pwning Active Directory

Trainer Name: Abhishek Datta & Prashant Mahajan
Title: Breaking and Pwning Active Directory
Duration: 3 Days
Dates: 20^th - 22^nd June 2019

Overview

Active Directory is one of the most popular and widely deployed directory service for centralised domain management. It is susceptible to a wide variety of attacks due to vulnerabilities, configuration weaknesses and its inherent architectural complexity. Many large enterprises adopt Active Directory based domain management practises and hence its security is of prime concern for enterprise administrators and security auditors.

In this tools and technique oriented training, the participants will be taken to a journey of discovering, enumerating and exploiting various services in a Active Directory enviroment. Participants will start as an outsider in the domain environment with only network level access. Using a combination of recon, exploitation and post-exploitation techniques, the participants will be able to perform multi-staged attacks to finally obtain domain administrator privilege. The training will conclude by discussing various lateral movement and persistence techniques to spread and maintain access in a compromised domain environment once domain administrator privilege is obtained.

Courseware

• Attackers intro to Active Directory and Domain Management
• Network Discovery and Fingerprinting
• Active Directory Recon
  • Domain Discovery
  • Trust Mapping
  • Users and Group Discovery
  • Computer Discovery
  • User Hunting
• Exploiting Network Services
• Client Side Attacks
• Domain Credential Harvesting
• Kerberos Attacks
  • Pass the Ticket
  • Kerberoasting
  • TGS Cracking
• Lateral Movement
  • PsExec/WMIExec with Hash/Ticket (PtH/PtT)
  • Rogue GPO
  • PowerShell Remoting
• Persistence
  • Golden Tickets
  • Silver Tickets
  • Backdooring Domain Controller

Prerequisites

• Experience with vulnerability assessment and penetration testing.
• Basic knowledge of TCP/IP network protocol.
• Familiarity with virtualization software like VMware/VirtualBox

What to expect

A live Active Directory environment to perform various attacks for gaining domain administrator privilege and to maintain access using various Active Directory specific persistence techniques.

What to bring

• A laptop with administrator privileges.
• Minimum 50 GB of free hard hisk space.
• Minimum 4 GB RAM for virtual machines.
• Laptop should have a ethernet and wifi capability.
• VM Player or VMWare Workstation installed.

About Trainers

Abhisek Datta

Abhisek Datta is a Security Researcher and Consultant with over 10+ years of experience. His core area of expertise includes Penetration Testing, Vulnerability Analysis, Exploit Development, Reverse Engineering & Malware Analysis and Source Code Review. He has been involved in multiple high profile Reverse Engineering and Penetration Testing projects in the past for clients in India and abroad. He has multiple CVE's under his name for reporting vulnerabilities in various products. Some of CVE's reported by him CVE-2014-4117, CVE-2015- 0085, CVE-2014-6113, CVE-2015-1650, CVE-2015-1682, CVE-2015- 2376, and CVE-2015-2555.

At present he heads the technology team at Appsecco Consulting Pvt. Ltd. and is responsible for security tools develoment and process automation.

Prashant Mahajan

Prashant Mahajan is a Senior Security Consultant at Context Information Security (ContextIS) and heads the Sydney, Australia Assurance team. He has experience with various aspects of Information Security including penetration testing, vulnerability analysis, digital forensics, and incident response. Prashant is a founding member of Null - The Open Security Community and a frequent speaker at industry events.