Automahack - Python tool for automated Active Directory attack

Presented at NolaCon 2018, May 18, 2018, 1 p.m. (Unknown duration).

Automahack automates 5 different internal network attacks to gain access to plaintext and hashed credentials from Active Directory environments. Whenever hashed credentials are found Icebreaker will automatically attempt to crack them using rule-based JohnTheRipper and the top 10 million password list. After successfully performing the network attacks, Icebreaker can kick off the tools Empire and DeathStar for you to automate the process of escalating privileges all the way to domain admin without any user interaction. This talk will discuss how and why all 5 of these attacks work, followed by a demonstration of going from the internal network but outside the Active Directory domain straight to domain admin.

Presenters:

• Dan McInerney
  Top 100 most popular python github accounts, senior penetration tester/red teamer, BlackHat trainer. Twitter: @DanHMcInerney

Links:

• https://nolacon.com/talk/icebreaker
• https://infocon.org/cons/NolaCon/NolaCon 2018/Automahack Python toolchain for automated domain admin Dan McInerney.mp4
• https://infocon.org/cons/NolaCon/NolaCon 2018/Automahack Python toolchain for automated domain admin Dan McInerney.eng.srt (subtitles)
• https://www.youtube.com/watch?v=U5YJS57RS_U

Similar Presentations:

• BSidesLV 2016 / Six Degrees of Domain Admin - Using BloodHound to Automate Active Directory Domain Privilege Escalation Analysis
• Black Hat USA 2017 / The Active Directory Botnet
• NolaCon 2018 / Active Directory Security: The Journey