Fun with LDAP and Kerberos in AD environments

Presented at THOTCON 0x9 (2018), May 5, 2018, noon (100 minutes).

This workshop will walk through some lesser known reconnaissance and lateral movement techniques when performing penetration tests in Active Directory environments. While tools like Bloodhound and Death Star have automated paths to DA, it's always important to have other tricks in your book and understand how to do things manually. This demo heavy workshop will include: manual LDAP and DNS reconnaissance, practical usage of Kerberos for password guessing and lateral movement, different techniques for code exec with admin privileges, effective relay techniques for unprivileged users, as well as other tips/tricks/one-liners for pentesting AD.


Presenters:

  • Ronnie Flathers
    Ronnie is a member of the Hacker/Hunter team at Uptake. Prior to that, he was a pentester and team lead at Cisco and Neohapsis.

Similar Presentations: